General

  • Target

    8259b46c5fadc3b15cef09c74161fa697188cbc67e7bfb4e9426f6dbdb00ba61

  • Size

    51KB

  • Sample

    240428-wy19kaea4t

  • MD5

    834c5d7b68edddf362af5fa78389538b

  • SHA1

    639d074f800799ab1fef30ad3e31267668b7d5bd

  • SHA256

    8259b46c5fadc3b15cef09c74161fa697188cbc67e7bfb4e9426f6dbdb00ba61

  • SHA512

    7cb96c78d12eae3979eb6c4c36784cbdc037670aae75f92dbaee284c36a92add619d4a0b0247af9f64fcf5ad35f033b0c2b755c88e49e85fd4b589aa02d8d9fc

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLyJYH5:1dWubF3n9S91BF3fbo+JYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      8259b46c5fadc3b15cef09c74161fa697188cbc67e7bfb4e9426f6dbdb00ba61

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
