General

  • Target

    ade2e46d03c8a611a772252d5f024fe64c723656548c44864e3d5d59bda9aafc

  • Size

    51KB

  • Sample

    240428-xzvnvaeh63

  • MD5

    a9f2490efaaf880ca21dece9f995683a

  • SHA1

    3a5a7e5883436bbdce0d0894d7c0f3a42c84fe99

  • SHA256

    ade2e46d03c8a611a772252d5f024fe64c723656548c44864e3d5d59bda9aafc

  • SHA512

    bfaa499aa6d45151b42260b48bcbb5e9012a8b9d352070460cb2b17d077dea5842fb443caf5bdada6eae0060bfa000c927b6c28e63e5230ae7dafdea6b089d07

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL/JYH5:1dWubF3n9S91BF3fborJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      ade2e46d03c8a611a772252d5f024fe64c723656548c44864e3d5d59bda9aafc

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
