General

  • Target

    9c8bce07c8c2bb374f9e6c7731e44c578f42afc0ec685ae2c25673048231121f

  • Size

    51KB

  • Sample

    240427-28clvaba2z

  • MD5

    27ca0aec69d87b6dd00da6d7dc02cb78

  • SHA1

    575f519184d4089c90ee6a9465f38be198df0971

  • SHA256

    9c8bce07c8c2bb374f9e6c7731e44c578f42afc0ec685ae2c25673048231121f

  • SHA512

    6fa8f1b57c74e8a793066debb4b2ef03e49b63f9b9d2604f0a729b86324a65ea70f9e9efa146d4d9cb517c864ade6189b24af9c5cb05b5ee1d4f98c834af4fa3

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLDJYH5:1dWubF3n9S91BF3fbofJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      9c8bce07c8c2bb374f9e6c7731e44c578f42afc0ec685ae2c25673048231121f

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
