General
-
Target
eb0dbe9892dfe9254e916fc520bf355912d7dd9670ddba0495efe95ef6a76558
-
Size
51KB
-
Sample
240522-2axt5aba9v
-
MD5
098349ae20cc7ca6b52219db9e1f170b
-
SHA1
a07d5c7d44dc7d1e0efaf1bb7cc958d3554b8316
-
SHA256
eb0dbe9892dfe9254e916fc520bf355912d7dd9670ddba0495efe95ef6a76558
-
SHA512
c38d86b15e2e02b8531faa85a384bc5bdaac0e67faf0dff96d952495b779fbe7ba146f66f19714e3a4b4cde814c8932e20fd48b114da894e80c501f961bf4fb3
-
SSDEEP
1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLmJYH5:1dWubF3n9S91BF3fboyJYH5
Malware Config
Extracted
gh0strat
kinh.xmcxmr.com
Targets
-
-
Target
eb0dbe9892dfe9254e916fc520bf355912d7dd9670ddba0495efe95ef6a76558
-
Size
51KB
-
MD5
098349ae20cc7ca6b52219db9e1f170b
-
SHA1
a07d5c7d44dc7d1e0efaf1bb7cc958d3554b8316
-
SHA256
eb0dbe9892dfe9254e916fc520bf355912d7dd9670ddba0495efe95ef6a76558
-
SHA512
c38d86b15e2e02b8531faa85a384bc5bdaac0e67faf0dff96d952495b779fbe7ba146f66f19714e3a4b4cde814c8932e20fd48b114da894e80c501f961bf4fb3
-
SSDEEP
1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLmJYH5:1dWubF3n9S91BF3fboyJYH5
Score10/10-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-