General

  • Target

    2a8c690f94eaa8a6856e3a760559b3fd960515b8ca002056f9127d533df1a398

  • Size

    51KB

  • Sample

    240427-w1s1zaed8x

  • MD5

    482dd5bd3e73d44c3da11e64f425717d

  • SHA1

    5a4c8ec7440067b98db5f73af0b2749c25f82b0e

  • SHA256

    2a8c690f94eaa8a6856e3a760559b3fd960515b8ca002056f9127d533df1a398

  • SHA512

    e1b97b676e185887c2b7721cf996de1c137c7eb8e0e208529545a038280a081801ef2d586fc80079dc5f9a4250f038b8094e8af3650e3c9768bb46697b32a81b

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLdJYH5:1dWubF3n9S91BF3fboRJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      2a8c690f94eaa8a6856e3a760559b3fd960515b8ca002056f9127d533df1a398

    • Size

      51KB

    • MD5

      482dd5bd3e73d44c3da11e64f425717d

    • SHA1

      5a4c8ec7440067b98db5f73af0b2749c25f82b0e

    • SHA256

      2a8c690f94eaa8a6856e3a760559b3fd960515b8ca002056f9127d533df1a398

    • SHA512

      e1b97b676e185887c2b7721cf996de1c137c7eb8e0e208529545a038280a081801ef2d586fc80079dc5f9a4250f038b8094e8af3650e3c9768bb46697b32a81b

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLdJYH5:1dWubF3n9S91BF3fboRJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks