General

  • Target

    5be79f6dd15182ae134a918ee4d308f0d3e75591c2217aae9264f0a0541f6a50

  • Size

    51KB

  • Sample

    240427-wzkyzaed7v

  • MD5

    2d0b93fc843299d0886820b822dbe68e

  • SHA1

    b4980fa0630aa833a247efebeb18232e55bf862f

  • SHA256

    5be79f6dd15182ae134a918ee4d308f0d3e75591c2217aae9264f0a0541f6a50

  • SHA512

    29e49c7ad45f935994eb81bcbb597e1121b043971b40a4c5aa2610eccb3c588db3286038e0a748103a06960e45a010d8ee7216e69effea68e9ecaa8236a953f8

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLrJYH5:1dWubF3n9S91BF3fbo3JYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
