General

  • Target

    c61c6c821be079fc760177ad303a48e99763e8ae8a088244ce4254f77243d350

  • Size

    51KB

  • Sample

    240427-wyxalsed6t

  • MD5

    fecf8c0855974e0de29afd4f5fc9bea1

  • SHA1

    4417d822709c1e5b86874196fcb0e95d32c371e8

  • SHA256

    c61c6c821be079fc760177ad303a48e99763e8ae8a088244ce4254f77243d350

  • SHA512

    45d2fa32eb2d4649ae4626d2c840e602172f7c6331cfb115e3efc6cb9383dbe265496e8e43fbe86478c038ee02856ba5bead553c8752e97314da4b7db718e668

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLCJYH5:1dWubF3n9S91BF3fboGJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      c61c6c821be079fc760177ad303a48e99763e8ae8a088244ce4254f77243d350

    • Size

      51KB

    • MD5

      fecf8c0855974e0de29afd4f5fc9bea1

    • SHA1

      4417d822709c1e5b86874196fcb0e95d32c371e8

    • SHA256

      c61c6c821be079fc760177ad303a48e99763e8ae8a088244ce4254f77243d350

    • SHA512

      45d2fa32eb2d4649ae4626d2c840e602172f7c6331cfb115e3efc6cb9383dbe265496e8e43fbe86478c038ee02856ba5bead553c8752e97314da4b7db718e668

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLCJYH5:1dWubF3n9S91BF3fboGJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks