General

  • Target

    e6eb723a230b4ed574e331da128756e2bfd8652aad6eea6707b9ec7699f45d2a

  • Size

    51KB

  • Sample

    240429-dxk7vaha2z

  • MD5

    aed2d3d0adcfc0ad4f84cb2d59b7b300

  • SHA1

    a9f472a7b6551d3d0e927f5c3d45ce4457cefaf3

  • SHA256

    e6eb723a230b4ed574e331da128756e2bfd8652aad6eea6707b9ec7699f45d2a

  • SHA512

    9853302fd9080fa8a0f499a2a8f1daa44ba9a6744c11069c4b386dd49e4b9a7880f8e281a9514338e463f6e893b9dbd9e608ee190a06b520875bec77c95ab5ff

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLcJYH5:1dWubF3n9S91BF3fboIJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      e6eb723a230b4ed574e331da128756e2bfd8652aad6eea6707b9ec7699f45d2a

    • Size

      51KB

    • MD5

      aed2d3d0adcfc0ad4f84cb2d59b7b300

    • SHA1

      a9f472a7b6551d3d0e927f5c3d45ce4457cefaf3

    • SHA256

      e6eb723a230b4ed574e331da128756e2bfd8652aad6eea6707b9ec7699f45d2a

    • SHA512

      9853302fd9080fa8a0f499a2a8f1daa44ba9a6744c11069c4b386dd49e4b9a7880f8e281a9514338e463f6e893b9dbd9e608ee190a06b520875bec77c95ab5ff

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLcJYH5:1dWubF3n9S91BF3fboIJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks