General

  • Target

    811e13c9ee8391453c477993815ef06e2e8308ea722a84d8dcc2fa01a1d94d9c

  • Size

    51KB

  • Sample

    240428-wzdjwsdf94

  • MD5

    e8b6aafa4ae101a36394f6446f4c85fe

  • SHA1

    766f1fcb43fba905878f41ce3244c0b5effaf28d

  • SHA256

    811e13c9ee8391453c477993815ef06e2e8308ea722a84d8dcc2fa01a1d94d9c

  • SHA512

    e4898eb6d31877d8662fa10702fe932e012c9d55ab9cacafd1409f7ea5ea83225840ae3031e5781a2744fffdff243bdfd0ca14b11c88d34c6da63d165184705f

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLRJYH5:1dWubF3n9S91BF3fboVJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
