General

  • Target

    d19a7e7b8a33452b87e2d9b2a2a42e4fcbd4a165f7b2db1ba66f601e9e3ce78c

  • Size

    49KB

  • Sample

    241118-xpql5stclq

  • MD5

    035229beab8891c52defc09633a7131a

  • SHA1

    a2264c38cd2d08fd7f646cf12f4b59a279713b1d

  • SHA256

    d19a7e7b8a33452b87e2d9b2a2a42e4fcbd4a165f7b2db1ba66f601e9e3ce78c

  • SHA512

    1e7bc7986736a20aa9073dd3afb0643c0a11b6fb4ebcc9a753f6fad863c3542e57521c806c35200193d0e012172b7679eaa20d47ed2950e2e854d6083176032e

  • SSDEEP

    1536:CDwMsml26T5zBj+alf1H9jfbyqkY4ZvoDUb/gJOkJYHB9ElHS:Cn7zBjPp1H9ovoDa/gJzJYHBWZS

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

cf1549064127.f3322.net

Targets

    • Target

      d19a7e7b8a33452b87e2d9b2a2a42e4fcbd4a165f7b2db1ba66f601e9e3ce78c

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family
