General

  • Target

    953cc1f913c48c28e5818027007876d1fe901d2effde7c50f49eadf8ae4b7ad2

  • Size

    899KB

  • Sample

    241109-y8v7ea1grn

  • MD5

    5382ec6a23da8972ee869ab5dd3d3036

  • SHA1

    6c4255e1c038399030aa031db53ab3d4cbae0a55

  • SHA256

    953cc1f913c48c28e5818027007876d1fe901d2effde7c50f49eadf8ae4b7ad2

  • SHA512

    981683908dfe2519fc6867b2b439393a8c7f6cd6dfbb9dd4ce038d2a0464035faa9be9f2fc3a0f16eb00d0136502a9f3b77397e9c84c14cd6e43526bbe2e4d95

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXO:7wqd87VO

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      953cc1f913c48c28e5818027007876d1fe901d2effde7c50f49eadf8ae4b7ad2

    • Size

      899KB

    • MD5

      5382ec6a23da8972ee869ab5dd3d3036

    • SHA1

      6c4255e1c038399030aa031db53ab3d4cbae0a55

    • SHA256

      953cc1f913c48c28e5818027007876d1fe901d2effde7c50f49eadf8ae4b7ad2

    • SHA512

      981683908dfe2519fc6867b2b439393a8c7f6cd6dfbb9dd4ce038d2a0464035faa9be9f2fc3a0f16eb00d0136502a9f3b77397e9c84c14cd6e43526bbe2e4d95

    • SSDEEP

      24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXO:7wqd87VO

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

    • Gh0strat family

MITRE ATT&CK Enterprise v15

Tasks