General

  • Target

    0f36b574a7642bf7f3891d54d941b9c89fdd0e7af504f5344b04f02c79f4d424

  • Size

    899KB

  • Sample

    241029-yqtkvsygrq

  • MD5

    e4d802819f652a311aaad3d6bc47272d

  • SHA1

    2e1825262abfeb221c1814f72dda13562fedfc56

  • SHA256

    0f36b574a7642bf7f3891d54d941b9c89fdd0e7af504f5344b04f02c79f4d424

  • SHA512

    f56f2a0d48ac7dd92c067e69bfc58f481eb6c48f1508840aad9d5a9bc31d5ed29384f86c783dfb0c0b0b4d7b164f0fc059b9b5dac32157a1832c35df8e47c0df

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXY:7wqd87VY

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      0f36b574a7642bf7f3891d54d941b9c89fdd0e7af504f5344b04f02c79f4d424

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family

MITRE ATT&CK Enterprise v15

Tasks