General

  • Target

    be9c8cf28c998ba4376d7f844a8b4b7010d22038ba7e088d63299acbe11f1e12

  • Size

    51KB

  • Sample

    240428-x2me9afc7w

  • MD5

    4c4e3569ca61d6ef6fc42e0f6460d10a

  • SHA1

    87c29d83975bc3b45b0113c54f1792fcb095c3ea

  • SHA256

    be9c8cf28c998ba4376d7f844a8b4b7010d22038ba7e088d63299acbe11f1e12

  • SHA512

    5f32e164db30f08a11bcb0c41fef2cf161dd3d7c4111c6ba47208c97c4533f7ab1fd063be531a61be51eec7dd06fcd60e21cd2246bb870bddf0e301ccd656bbe

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLqJYH5:1dWubF3n9S91BF3fbo+JYH5

Score
10/10

Malware Config

Extracted

  • Family

    gh0strat

  • C2

    kinh.xmcxmr.com

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
