General

  • Target

    4d7545e400f6d67b861f0d27d45fc693f78752e4c8ef3aa73cc3110cc7553389

  • Size

    899KB

  • Sample

    241230-tck94s1pfs

  • MD5

    9f5cd24ce98784d109f4091b88a2c15f

  • SHA1

    14e7909fc0dd2edf2062b254d304bb2c31af3a45

  • SHA256

    4d7545e400f6d67b861f0d27d45fc693f78752e4c8ef3aa73cc3110cc7553389

  • SHA512

    1cecbd18576989258bd15ff754c501407e52baa8b604b4e0643e3707c653bd6fed9cd2a702535ecc3ce41d886004f08bf19b980c5450c69f5259fba18510c571

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXC:7wqd87VC

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      4d7545e400f6d67b861f0d27d45fc693f78752e4c8ef3aa73cc3110cc7553389

    • Size

      899KB

    • MD5

      9f5cd24ce98784d109f4091b88a2c15f

    • SHA1

      14e7909fc0dd2edf2062b254d304bb2c31af3a45

    • SHA256

      4d7545e400f6d67b861f0d27d45fc693f78752e4c8ef3aa73cc3110cc7553389

    • SHA512

      1cecbd18576989258bd15ff754c501407e52baa8b604b4e0643e3707c653bd6fed9cd2a702535ecc3ce41d886004f08bf19b980c5450c69f5259fba18510c571

    • SSDEEP

      24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXC:7wqd87VC

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

    • Gh0strat family

MITRE ATT&CK Enterprise v15

Tasks