General

  • Target

    51fb678dd86e19f14aaa85b0944b90f0d98d03b085a8af4cc92dd5c318a7b2db

  • Size

    51KB

  • Sample

    240428-wzas1aea5s

  • MD5

    48dbe016df4b7a81e8c10838a9367df3

  • SHA1

    45d28bdb1b743683f38bb055df92eb96f2b362a1

  • SHA256

    51fb678dd86e19f14aaa85b0944b90f0d98d03b085a8af4cc92dd5c318a7b2db

  • SHA512

    ea17a160c59ecf93ca85d13121ecd6593136cb8d9b3c2f1770dae8d5c1c39ddb995ec1aa07aae4977ba9256b1a64f3b5dd878611f0f32c6ddb544c982ebdc170

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL3JYH5:1dWubF3n9S91BF3fbobJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      51fb678dd86e19f14aaa85b0944b90f0d98d03b085a8af4cc92dd5c318a7b2db

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
