General

  • Target

    d2fc3c1f820d40c45a3bc421cc5f5c1b9c30e3d8483b069fa95872ab913fdb4f

  • Size

    899KB

  • Sample

    241109-zb88fa1hph

  • MD5

    ad675229faceba4655363dddb3d7513a

  • SHA1

    f68d696bae0aabcb249f225196c5ed3982ddc377

  • SHA256

    d2fc3c1f820d40c45a3bc421cc5f5c1b9c30e3d8483b069fa95872ab913fdb4f

  • SHA512

    0ad5f0a85e36ef8fc1ecc91bd277fbf2d4446e9f58da7654ccd02ef4a3161d3e69491ba9daab37e85088f05f1200ce7f78d85f237418136090eb2a11d5594bf4

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXG:7wqd87VG

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      d2fc3c1f820d40c45a3bc421cc5f5c1b9c30e3d8483b069fa95872ab913fdb4f

    • Size

      899KB

    • MD5

      ad675229faceba4655363dddb3d7513a

    • SHA1

      f68d696bae0aabcb249f225196c5ed3982ddc377

    • SHA256

      d2fc3c1f820d40c45a3bc421cc5f5c1b9c30e3d8483b069fa95872ab913fdb4f

    • SHA512

      0ad5f0a85e36ef8fc1ecc91bd277fbf2d4446e9f58da7654ccd02ef4a3161d3e69491ba9daab37e85088f05f1200ce7f78d85f237418136090eb2a11d5594bf4

    • SSDEEP

      24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXG:7wqd87VG

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

    • Gh0strat family

MITRE ATT&CK Enterprise v15

Tasks