General

  • Target

    7bfaba671020fb287a3cb85049583d4d32ce75c1c796351cdef7538a59a952aa

  • Size

    51KB

  • Sample

    240427-j62h3sfc3s

  • MD5

    28095631771b772bb2191b73525ab60f

  • SHA1

    162eae48d62d32c2ca1268f34b8308a89dfb1d2b

  • SHA256

    7bfaba671020fb287a3cb85049583d4d32ce75c1c796351cdef7538a59a952aa

  • SHA512

    32f0cc88dd78706826031198ea76526657479fd334c155a792d7e57b3242a9cb744a8c49cffe2f5a7ea8452bd7286ebed68041d4cc5bdbeec0821fe4c6bfd1c7

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLZJYH5:1dWubF3n9S91BF3fbolJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      7bfaba671020fb287a3cb85049583d4d32ce75c1c796351cdef7538a59a952aa

    • Size

      51KB

    • MD5

      28095631771b772bb2191b73525ab60f

    • SHA1

      162eae48d62d32c2ca1268f34b8308a89dfb1d2b

    • SHA256

      7bfaba671020fb287a3cb85049583d4d32ce75c1c796351cdef7538a59a952aa

    • SHA512

      32f0cc88dd78706826031198ea76526657479fd334c155a792d7e57b3242a9cb744a8c49cffe2f5a7ea8452bd7286ebed68041d4cc5bdbeec0821fe4c6bfd1c7

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLZJYH5:1dWubF3n9S91BF3fbolJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks