General

  • Target

    d02d24c1c173e4b6584c34a629e04d0a76322058df323bc0e1cfdb2c96a4acba

  • Size

    899KB

  • Sample

    241230-ymj71symfs

  • MD5

    d2a75e867fa51df8a0335519afc02a60

  • SHA1

    649512f3edee0f0db7456865b79de6e2849746b7

  • SHA256

    d02d24c1c173e4b6584c34a629e04d0a76322058df323bc0e1cfdb2c96a4acba

  • SHA512

    bc3959b94c02342a38e84c380002e35766ca373f7d9892c77065e9b23ed7323b76ca885a4497465124725362d792fb7b4a6ed76eaef490c26f0ecbaf491a6c0d

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXx:7wqd87Vx

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      d02d24c1c173e4b6584c34a629e04d0a76322058df323bc0e1cfdb2c96a4acba

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family

MITRE ATT&CK Enterprise v15

Tasks