General

  • Target

    bdbd90c44183d4b542ef6c4dd70cf7b492c5c6e8d15b42e1976a527ff33a042a

  • Size

    51KB

  • Sample

    240427-28ca3sag28

  • MD5

    b3fc9df16af2357d553a1dbcce85511e

  • SHA1

    1541a054c898aaf83af86921b0831ffd5924f018

  • SHA256

    bdbd90c44183d4b542ef6c4dd70cf7b492c5c6e8d15b42e1976a527ff33a042a

  • SHA512

    ffc07c22e7dc54c1146eb1548f31a31fd0365359a0fc3b4101aeb9fd2389a31e2f428d87e026eb1cdd8adbe06b500ec01a04f528f99a1ebb1da99eff66a22fba

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLQJYH5:1dWubF3n9S91BF3fboUJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
