General

  • Target

    3851ecbe57424a47089c386df07bc6e6156f36b626e6c5f81f85771df911de62

  • Size

    51KB

  • Sample

    240428-wxkkesdf39

  • MD5

    0b7bae957bcf0db3799f9b8723672c4b

  • SHA1

    194a37ef14d98f709209064b915eb2ff3268a033

  • SHA256

    3851ecbe57424a47089c386df07bc6e6156f36b626e6c5f81f85771df911de62

  • SHA512

    afb1840a765d4722dd8bdb6e2e80f58e125d7becd1595511fe53a3c5d4e95366336defe3d233075ca18c34aeb14fb9e0e7c6fad591b8d3b28384f2999ebbe12b

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLOJYH5:1dWubF3n9S91BF3fboCJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      3851ecbe57424a47089c386df07bc6e6156f36b626e6c5f81f85771df911de62

    • Size

      51KB

    • MD5

      0b7bae957bcf0db3799f9b8723672c4b

    • SHA1

      194a37ef14d98f709209064b915eb2ff3268a033

    • SHA256

      3851ecbe57424a47089c386df07bc6e6156f36b626e6c5f81f85771df911de62

    • SHA512

      afb1840a765d4722dd8bdb6e2e80f58e125d7becd1595511fe53a3c5d4e95366336defe3d233075ca18c34aeb14fb9e0e7c6fad591b8d3b28384f2999ebbe12b

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLOJYH5:1dWubF3n9S91BF3fboCJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks