General

  • Target

    1e98a4788a27d58ff12e9ab03b5a9a4479696603a69a865f33e342f3176ce59d

  • Size

    899KB

  • Sample

    241029-zdsy8sykax

  • MD5

    fc9c47dc151624a8a09dcdd703c2b4b1

  • SHA1

    a3ab57de565f8854a16d00d66dd425c16c63aac5

  • SHA256

    1e98a4788a27d58ff12e9ab03b5a9a4479696603a69a865f33e342f3176ce59d

  • SHA512

    4b5f3c8eceef68dfe104853a256884c894868236cb39b6d111e021160c25874978912adc06732fbe68164de079616aaa7b8a0b89765c0a2725de60155150aa97

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PX2:7wqd87V2

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      1e98a4788a27d58ff12e9ab03b5a9a4479696603a69a865f33e342f3176ce59d

    • Size

      899KB

    • MD5

      fc9c47dc151624a8a09dcdd703c2b4b1

    • SHA1

      a3ab57de565f8854a16d00d66dd425c16c63aac5

    • SHA256

      1e98a4788a27d58ff12e9ab03b5a9a4479696603a69a865f33e342f3176ce59d

    • SHA512

      4b5f3c8eceef68dfe104853a256884c894868236cb39b6d111e021160c25874978912adc06732fbe68164de079616aaa7b8a0b89765c0a2725de60155150aa97

    • SSDEEP

      24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PX2:7wqd87V2

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

    • Gh0strat family

MITRE ATT&CK Enterprise v15

Tasks