General

  • Target

    6d82c02d326866cf7024afbc79ab29befc10ce059eb6d1fafc3dc44d797c1a90

  • Size

    899KB

  • Sample

    241113-cawvdsvcnr

  • MD5

    8a305af74a66d5d61f486b7f6181fea8

  • SHA1

    a3ba7a67545fba6a0e6ad3553bb3041d79643356

  • SHA256

    6d82c02d326866cf7024afbc79ab29befc10ce059eb6d1fafc3dc44d797c1a90

  • SHA512

    93191bf3b08091e8a6571fcb2ff87d3c1affc9e43717ab91e9ad33aaafe6d9fbfdb701ed55ad101b5f17f341768f40736b77b1f18fe1a74092b552b1bc18baba

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXx:7wqd87Vx

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      6d82c02d326866cf7024afbc79ab29befc10ce059eb6d1fafc3dc44d797c1a90

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public, and it has been used by multiple Chinese groups.

    • Gh0strat family
