General

  • Target

    99965b19dba155fe79d6ce9f342be83477f7922b3911c5ba2a4667fda1ca3986

  • Size

    899KB

  • Sample

    241109-zfvwlssane

  • MD5

    f88a4136cb419a9d144d12e2ca88de6e

  • SHA1

    692d45c6c0085f149b2c5f2f88216953b7f92444

  • SHA256

    99965b19dba155fe79d6ce9f342be83477f7922b3911c5ba2a4667fda1ca3986

  • SHA512

    57919f91562d5d3ba4380ca4e7760ca5f1dbfc21854a97927ea90ff0f8f6c354a4f76fe89777bfacf96fb70e7b324166172189b1726f4a03531c9fc02f1ce0c9

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXl:7wqd87Vl

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family
