Overview

overview

10

Static

static

10

13ea553aa5...8f.dll

windows7-x64

10

13ea553aa5...8f.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    13ea553aa58915ec8753dd14db82ad88b2c197678dff61f0ff791f17b63ab58f

  • Size

    51KB

  • Sample

    240525-vl2h5abg73

  • MD5

    1872b5451e41416dc9600f90b4308362

  • SHA1

    78b7c236767167927b130aec898c7d9521c45854

  • SHA256

    13ea553aa58915ec8753dd14db82ad88b2c197678dff61f0ff791f17b63ab58f

  • SHA512

    0250bd106574d0ada79f71c85d68ffefc41a0dc1de45635bc9b58f73447abe11203b9585b15cbeb5b1ebcd32a8c498ddcace60b3383eea80e4d21a72488038bb

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frAMoLWJYH5:1dWubF3n9S91BF3fEMoKJYH5

Score
10/10
gh0stratrat

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      13ea553aa58915ec8753dd14db82ad88b2c197678dff61f0ff791f17b63ab58f

    • Size

      51KB

    • MD5

      1872b5451e41416dc9600f90b4308362

    • SHA1

      78b7c236767167927b130aec898c7d9521c45854

    • SHA256

      13ea553aa58915ec8753dd14db82ad88b2c197678dff61f0ff791f17b63ab58f

    • SHA512

      0250bd106574d0ada79f71c85d68ffefc41a0dc1de45635bc9b58f73447abe11203b9585b15cbeb5b1ebcd32a8c498ddcace60b3383eea80e4d21a72488038bb

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frAMoLWJYH5:1dWubF3n9S91BF3fEMoKJYH5

    Score
    10/10
    gh0stratrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks