General

  • Target

    f53c89060d27896abe8d37e3a8e5860aba175ca55babd302a81be81f12d1b0e1

  • Size

    51KB

  • Sample

    240428-xz7cmseh67

  • MD5

    4473c571d5f6c92b8cd4d0b4cfc10193

  • SHA1

    96d5ea4badf8c0249bc9ff7a470fbe62068bd096

  • SHA256

    f53c89060d27896abe8d37e3a8e5860aba175ca55babd302a81be81f12d1b0e1

  • SHA512

    5f5dac5d9f8005977140c070e571cbfc49f2b7ed0ffa2f79da5c210ef4eb203f725539cec57ac6eafada4b1da9fe7eb3ab34831d3f51dee695b7eeb221b09cd0

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLWJYH5:1dWubF3n9S91BF3fboyJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      f53c89060d27896abe8d37e3a8e5860aba175ca55babd302a81be81f12d1b0e1

    • Size

      51KB

    • MD5

      4473c571d5f6c92b8cd4d0b4cfc10193

    • SHA1

      96d5ea4badf8c0249bc9ff7a470fbe62068bd096

    • SHA256

      f53c89060d27896abe8d37e3a8e5860aba175ca55babd302a81be81f12d1b0e1

    • SHA512

      5f5dac5d9f8005977140c070e571cbfc49f2b7ed0ffa2f79da5c210ef4eb203f725539cec57ac6eafada4b1da9fe7eb3ab34831d3f51dee695b7eeb221b09cd0

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLWJYH5:1dWubF3n9S91BF3fboyJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks