General

  • Target

    461152c27421d508ee958b347a4a2fc02c42424dc1ef2ec4a93b4ee8dc131f94

  • Size

    899KB

  • Sample

    241230-ntp2qsvnbn

  • MD5

    f7342535d7ae31281c68cbea0a403336

  • SHA1

    28736b2374ce022a390847ee3f4f3e842df64dcf

  • SHA256

    461152c27421d508ee958b347a4a2fc02c42424dc1ef2ec4a93b4ee8dc131f94

  • SHA512

    1fb96287f0ede6531a4f20f69674c2a3b0822e090523662d776503bea22967697f8155482ad8dda60dd6e261c064a427c176961dc78856eabeca732b65320189

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXS:7wqd87VS

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family
