General

  • Target

    e61393bd80075723f99a8a28baeccd8075984014f207a1edfb33cfde8a9f32ea

  • Size

    51KB

  • Sample

    240429-wxlsgshb87

  • MD5

    baa0ef6202871464c486492a5e16a2d6

  • SHA1

    4a2607f1a2b1e50e6c09cdc7e235de2a9753d409

  • SHA256

    e61393bd80075723f99a8a28baeccd8075984014f207a1edfb33cfde8a9f32ea

  • SHA512

    b6953dd3a9058e0a8f98f37eae6af6c2f27a7187901cfaafea90bd9bd2ae6615580eb0d606f48506d19bd4bd7bbbcc035b90baf37cec9423ad34369370179f65

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLyJYH5:1dWubF3n9S91BF3fbo+JYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      e61393bd80075723f99a8a28baeccd8075984014f207a1edfb33cfde8a9f32ea

    • Size

      51KB

    • MD5

      baa0ef6202871464c486492a5e16a2d6

    • SHA1

      4a2607f1a2b1e50e6c09cdc7e235de2a9753d409

    • SHA256

      e61393bd80075723f99a8a28baeccd8075984014f207a1edfb33cfde8a9f32ea

    • SHA512

      b6953dd3a9058e0a8f98f37eae6af6c2f27a7187901cfaafea90bd9bd2ae6615580eb0d606f48506d19bd4bd7bbbcc035b90baf37cec9423ad34369370179f65

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLyJYH5:1dWubF3n9S91BF3fbo+JYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks