General

  • Target

    0b50046b04ec9f488e04b50fc0f0e29ca86803b622960d7111ba1b4b132e673d

  • Size

    51KB

  • Sample

    240429-xx1r3sah7x

  • MD5

    ed5d2e160c934fe7275efc2ab6903bf4

  • SHA1

    65cbb8e8c492919a7a16ddb1e45f3a79198e0452

  • SHA256

    0b50046b04ec9f488e04b50fc0f0e29ca86803b622960d7111ba1b4b132e673d

  • SHA512

    f05f615598c2a5f7ca4992113b53b4fce1acde8b9ec11534a958feaa5804288367cb0566336ec9d5bcfefeffc74f67547123897f291e3cf8ab0a9b91524baeb1

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLtJYH5:1dWubF3n9S91BF3fbopJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      0b50046b04ec9f488e04b50fc0f0e29ca86803b622960d7111ba1b4b132e673d

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
