General

  • Target

    09b1a3e469e7dfce56d1485febb7605f7768cebb03ee3ed6b7367237ba82392c

  • Size

    51KB

  • Sample

    240427-z3pccagh9x

  • MD5

    0c674ccb61f5fd3a7977dea95793add9

  • SHA1

    94012247cdb3145ec46f33285252b8756a8654da

  • SHA256

    09b1a3e469e7dfce56d1485febb7605f7768cebb03ee3ed6b7367237ba82392c

  • SHA512

    38e35108340a8d1f24523878a93c98aeb1f6f297c20c2fe1f0a03cfff103ec5472c044ba5eaa2e2f8dbe27a8fb38dae81086b3198617a5eed95271c3bad6d65e

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLzJYH5:1dWubF3n9S91BF3fboPJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      09b1a3e469e7dfce56d1485febb7605f7768cebb03ee3ed6b7367237ba82392c

    • Size

      51KB

    • MD5

      0c674ccb61f5fd3a7977dea95793add9

    • SHA1

      94012247cdb3145ec46f33285252b8756a8654da

    • SHA256

      09b1a3e469e7dfce56d1485febb7605f7768cebb03ee3ed6b7367237ba82392c

    • SHA512

      38e35108340a8d1f24523878a93c98aeb1f6f297c20c2fe1f0a03cfff103ec5472c044ba5eaa2e2f8dbe27a8fb38dae81086b3198617a5eed95271c3bad6d65e

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLzJYH5:1dWubF3n9S91BF3fboPJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks