General

  • Target

    0151f34b978217f9e65309c16bf5396b3fd25d6ef99bb7ccc0282b10b75b28cf

  • Size

    51KB

  • Sample

    240427-z3n2ksgh9w

  • MD5

    ac7a862cd1f380f70ea4676410750558

  • SHA1

    ab4177352794b41c54a264cf848aa0da467eca23

  • SHA256

    0151f34b978217f9e65309c16bf5396b3fd25d6ef99bb7ccc0282b10b75b28cf

  • SHA512

    1706980e4cbee3b1992a51db55f23bf74869086044af89884387e69e6d8125467aa16e316b70cc11e6ae834b4c297504689151f9cae8fde6724da063dfff7dff

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLsJYH5:1dWubF3n9S91BF3fbooJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      0151f34b978217f9e65309c16bf5396b3fd25d6ef99bb7ccc0282b10b75b28cf

    • Size

      51KB

    • MD5

      ac7a862cd1f380f70ea4676410750558

    • SHA1

      ab4177352794b41c54a264cf848aa0da467eca23

    • SHA256

      0151f34b978217f9e65309c16bf5396b3fd25d6ef99bb7ccc0282b10b75b28cf

    • SHA512

      1706980e4cbee3b1992a51db55f23bf74869086044af89884387e69e6d8125467aa16e316b70cc11e6ae834b4c297504689151f9cae8fde6724da063dfff7dff

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLsJYH5:1dWubF3n9S91BF3fbooJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks