General

  • Target

    a32177d4ca1837c56e183518e3b0d9c10c45eeb6ed8bd07371253804c3cccf9f

  • Size

    51KB

  • Sample

    240525-c1ptrsbf94

  • MD5

    aa32c60c0f31617cc8c2c9b260fa9ebc

  • SHA1

    f4329c61d358fddaee8b2d1f63a85043da3e26fb

  • SHA256

    a32177d4ca1837c56e183518e3b0d9c10c45eeb6ed8bd07371253804c3cccf9f

  • SHA512

    6fcfa69f8c6fc18fcfb32ad4ce6cb8e0659054a26302316c92fc6726077d1c0e4068f6a306fc5c5aa0f3ca7077d9798ca37244747a67b5dfe0811e0c6e6c43b1

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frkoLHJYH5:1dWubF3n9S91BF3fwojJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      a32177d4ca1837c56e183518e3b0d9c10c45eeb6ed8bd07371253804c3cccf9f

    • Size

      51KB

    • MD5

      aa32c60c0f31617cc8c2c9b260fa9ebc

    • SHA1

      f4329c61d358fddaee8b2d1f63a85043da3e26fb

    • SHA256

      a32177d4ca1837c56e183518e3b0d9c10c45eeb6ed8bd07371253804c3cccf9f

    • SHA512

      6fcfa69f8c6fc18fcfb32ad4ce6cb8e0659054a26302316c92fc6726077d1c0e4068f6a306fc5c5aa0f3ca7077d9798ca37244747a67b5dfe0811e0c6e6c43b1

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frkoLHJYH5:1dWubF3n9S91BF3fwojJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks