General

  • Target

    a0582bb37b903a1d9346ac320c7d705c2744c6fba5b783923cbfc54407c880ee

  • Size

    51KB

  • Sample

    240427-wxedeaed3w

  • MD5

    8b34916e9f8cba93dd423e51d240a8f2

  • SHA1

    345860eac20feb5d347dd11864009e6ebe3459ae

  • SHA256

    a0582bb37b903a1d9346ac320c7d705c2744c6fba5b783923cbfc54407c880ee

  • SHA512

    4f36532e93c2672f29f01fb7637a38a929642d9be5cd6070b099af2e6b984b61b58ca6b59737ef0167e32f6c1b326dcd3ae87ea1dc6a6f9b6d5c5babe126c1a3

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLjJYH5:1dWubF3n9S91BF3fboXJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      a0582bb37b903a1d9346ac320c7d705c2744c6fba5b783923cbfc54407c880ee

    • Size

      51KB

    • MD5

      8b34916e9f8cba93dd423e51d240a8f2

    • SHA1

      345860eac20feb5d347dd11864009e6ebe3459ae

    • SHA256

      a0582bb37b903a1d9346ac320c7d705c2744c6fba5b783923cbfc54407c880ee

    • SHA512

      4f36532e93c2672f29f01fb7637a38a929642d9be5cd6070b099af2e6b984b61b58ca6b59737ef0167e32f6c1b326dcd3ae87ea1dc6a6f9b6d5c5babe126c1a3

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLjJYH5:1dWubF3n9S91BF3fboXJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks