General

  • Target

    01cb9dced57e9bb1c0626026eefefd4a0505cf91708b4ec13ad19e7e2918bd17

  • Size

    51KB

  • Sample

    240427-z47kbagf78

  • MD5

    26f415c52aa7454b09487a2e256de788

  • SHA1

    02766e49df7c3ea57f3798dbbbf08c7c66308016

  • SHA256

    01cb9dced57e9bb1c0626026eefefd4a0505cf91708b4ec13ad19e7e2918bd17

  • SHA512

    6cc2b356643d1e4b96b2826f32fb42359c2befc8b947f8da963f68acce77f122bbb96ae98145dfcd31028d74d26c01616fad028906727828c1b6828f58830d39

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLUJYH5:1dWubF3n9S91BF3fbogJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      01cb9dced57e9bb1c0626026eefefd4a0505cf91708b4ec13ad19e7e2918bd17

    • Size

      51KB

    • MD5

      26f415c52aa7454b09487a2e256de788

    • SHA1

      02766e49df7c3ea57f3798dbbbf08c7c66308016

    • SHA256

      01cb9dced57e9bb1c0626026eefefd4a0505cf91708b4ec13ad19e7e2918bd17

    • SHA512

      6cc2b356643d1e4b96b2826f32fb42359c2befc8b947f8da963f68acce77f122bbb96ae98145dfcd31028d74d26c01616fad028906727828c1b6828f58830d39

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLUJYH5:1dWubF3n9S91BF3fbogJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks