General

  • Target

    3ee4c59e3e10c733cc0a9189c56e2162dea9388e764ff6d74d73921db4861900

  • Size

    51KB

  • Sample

    240429-15z3ascf77

  • MD5

    b9ae6f9e12ef1089eb8fea56bff57eb1

  • SHA1

    51b5d2ea0135e079dd8b67bdb57960731b95dba9

  • SHA256

    3ee4c59e3e10c733cc0a9189c56e2162dea9388e764ff6d74d73921db4861900

  • SHA512

    e8eff47bacfe9fac661cd1822b23dd2941a1e000042c84efb29e3de8f630c78f2bcabbfaccde0e205c74d9bdee8f7aac4898483d32c6265257e584a5dfa07999

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLVJYH5:1dWubF3n9S91BF3fboJJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
