General

  • Target

    a6e0cc8f93cabe855fc3dbb9acdc32ff989752dc38863999c4298e551ac29643

  • Size

    51KB

  • Sample

    240525-3kaysaee9w

  • MD5

    f6cda9d5c8da47cab2ea63c3b9dc5098

  • SHA1

    8184f387a4b71b0626af88656925b709d1db9675

  • SHA256

    a6e0cc8f93cabe855fc3dbb9acdc32ff989752dc38863999c4298e551ac29643

  • SHA512

    db369cada9aedb3df8b99343c727fd12f62f3f8c71a16400ad8f545cc2d716482916704c4dec829ea7f73d5fbe8550bd3d17b981790ebd4e135ec772a2d79163

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frDaoLmJYH5:1dWubF3n9S91BF3fXaoCJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      a6e0cc8f93cabe855fc3dbb9acdc32ff989752dc38863999c4298e551ac29643

    • Size

      51KB

    • MD5

      f6cda9d5c8da47cab2ea63c3b9dc5098

    • SHA1

      8184f387a4b71b0626af88656925b709d1db9675

    • SHA256

      a6e0cc8f93cabe855fc3dbb9acdc32ff989752dc38863999c4298e551ac29643

    • SHA512

      db369cada9aedb3df8b99343c727fd12f62f3f8c71a16400ad8f545cc2d716482916704c4dec829ea7f73d5fbe8550bd3d17b981790ebd4e135ec772a2d79163

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frDaoLmJYH5:1dWubF3n9S91BF3fXaoCJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks