General

  • Target

    3a0cd1d6806a69f44f919a3f3a2641ef4b4dd4c02b8a3ff0419fbf5a690c6a02

  • Size

    899KB

  • Sample

    241230-qzdxrsypey

  • MD5

    cbdaa12f534565f9d4404cccd747ef47

  • SHA1

    30b12a410a1ae02f8e4895c9687d9ba658189726

  • SHA256

    3a0cd1d6806a69f44f919a3f3a2641ef4b4dd4c02b8a3ff0419fbf5a690c6a02

  • SHA512

    92884a411ffc6cac533cb574f63956fbaa6d162f8c4ccefd116e9bb9326d07a2c6b7caf10d8c5cc017ea018e07ad9df31eab02bea401f74780ea1fa2720ea364

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXi:7wqd87Vi

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      3a0cd1d6806a69f44f919a3f3a2641ef4b4dd4c02b8a3ff0419fbf5a690c6a02

    • Size

      899KB

    • MD5

      cbdaa12f534565f9d4404cccd747ef47

    • SHA1

      30b12a410a1ae02f8e4895c9687d9ba658189726

    • SHA256

      3a0cd1d6806a69f44f919a3f3a2641ef4b4dd4c02b8a3ff0419fbf5a690c6a02

    • SHA512

      92884a411ffc6cac533cb574f63956fbaa6d162f8c4ccefd116e9bb9326d07a2c6b7caf10d8c5cc017ea018e07ad9df31eab02bea401f74780ea1fa2720ea364

    • SSDEEP

      24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXi:7wqd87Vi

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

    • Gh0strat family

MITRE ATT&CK Enterprise v15

Tasks