General

  • Target

    70bfa6722c410f81ddc6f986ff9516f2c27cb431892256d43eae2719425a9778

  • Size

    51KB

  • Sample

    240603-jeyywagb8y

  • MD5

    8e25a432bd04835e6a3f26636dc121e4

  • SHA1

    4c79b0addfa07e10549902feb288bcb8d6dc6cb4

  • SHA256

    70bfa6722c410f81ddc6f986ff9516f2c27cb431892256d43eae2719425a9778

  • SHA512

    7536766924c6f944e62c327afefc697ca22d6b1a34b098e92b804a8b43c85da85266a4de0b7ae59a505aea750c3a04f35508bf82cec321743b4f83e1c303a989

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLCJYH5:1dWubF3n9S91BF3fboeJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      70bfa6722c410f81ddc6f986ff9516f2c27cb431892256d43eae2719425a9778

    • Size

      51KB

    • MD5

      8e25a432bd04835e6a3f26636dc121e4

    • SHA1

      4c79b0addfa07e10549902feb288bcb8d6dc6cb4

    • SHA256

      70bfa6722c410f81ddc6f986ff9516f2c27cb431892256d43eae2719425a9778

    • SHA512

      7536766924c6f944e62c327afefc697ca22d6b1a34b098e92b804a8b43c85da85266a4de0b7ae59a505aea750c3a04f35508bf82cec321743b4f83e1c303a989

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLCJYH5:1dWubF3n9S91BF3fboeJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks