General

  • Target

    9a97630cc5588645ee2008711e6aeb7ef3db1be501070fd255444a95b4a2261c

  • Size

    51KB

  • Sample

    240427-293jnaag73

  • MD5

    961b2f3ac8f04cbd7a26b8a363228250

  • SHA1

    416f4a8b0cb9e4feb752900a3d31a8f46c808517

  • SHA256

    9a97630cc5588645ee2008711e6aeb7ef3db1be501070fd255444a95b4a2261c

  • SHA512

    7e1279d56e4eb2884f3368d905f88266a3784a92847fb7206e67921f9df2fafdb5275742bcee626649c0dd298a13cf050453625f5f580c08a87f099b26e703e6

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLDJYH5:1dWubF3n9S91BF3fbonJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      9a97630cc5588645ee2008711e6aeb7ef3db1be501070fd255444a95b4a2261c

    • Size

      51KB

    • MD5

      961b2f3ac8f04cbd7a26b8a363228250

    • SHA1

      416f4a8b0cb9e4feb752900a3d31a8f46c808517

    • SHA256

      9a97630cc5588645ee2008711e6aeb7ef3db1be501070fd255444a95b4a2261c

    • SHA512

      7e1279d56e4eb2884f3368d905f88266a3784a92847fb7206e67921f9df2fafdb5275742bcee626649c0dd298a13cf050453625f5f580c08a87f099b26e703e6

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLDJYH5:1dWubF3n9S91BF3fbonJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks