General

  • Target

    f839262c0b2c5dae5bd765093cb23412cdd7fdf828d1f279ee00a1a3888c72d3

  • Size

    51KB

  • Sample

    240427-j6569sfc3v

  • MD5

    7fa48f033245b8eb13f2339969d2b6e3

  • SHA1

    10c24d497e23ddbbebedf94cb26da6bfc28b849e

  • SHA256

    f839262c0b2c5dae5bd765093cb23412cdd7fdf828d1f279ee00a1a3888c72d3

  • SHA512

    7898b559459032ebfcebf65ae9b341d1cb233f123a4c03530a8cb7c454ce2c7295e36eba2695edda5a3d40fd6f21e185b64a1b8401e0b06d3eb07c4f88b7b3db

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLOJYH5:1dWubF3n9S91BF3fboyJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      f839262c0b2c5dae5bd765093cb23412cdd7fdf828d1f279ee00a1a3888c72d3

    • Size

      51KB

    • MD5

      7fa48f033245b8eb13f2339969d2b6e3

    • SHA1

      10c24d497e23ddbbebedf94cb26da6bfc28b849e

    • SHA256

      f839262c0b2c5dae5bd765093cb23412cdd7fdf828d1f279ee00a1a3888c72d3

    • SHA512

      7898b559459032ebfcebf65ae9b341d1cb233f123a4c03530a8cb7c454ce2c7295e36eba2695edda5a3d40fd6f21e185b64a1b8401e0b06d3eb07c4f88b7b3db

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLOJYH5:1dWubF3n9S91BF3fboyJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks