General

  • Target

    2f089003e795f6a8a850a35a46a9ce7c22c218e7d644aa24580c334ea454e22b

  • Size

    51KB

  • Sample

    240603-kdswxaad66

  • MD5

    4a80c4dcaa1361a4125cd2177972abe5

  • SHA1

    53f17bffe8b39ec60805577b42cfed018ae3806b

  • SHA256

    2f089003e795f6a8a850a35a46a9ce7c22c218e7d644aa24580c334ea454e22b

  • SHA512

    0664ccda016458977158e96b9929cf7637ee6732a2e6b09e49d2611be6717bad06f30a9871bb9d3b5db5d79f1fa810a33a7d42b727ba52de31c07a45e5f10000

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLxJYH5:1dWubF3n9S91BF3fboVJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      2f089003e795f6a8a850a35a46a9ce7c22c218e7d644aa24580c334ea454e22b

    • Size

      51KB

    • MD5

      4a80c4dcaa1361a4125cd2177972abe5

    • SHA1

      53f17bffe8b39ec60805577b42cfed018ae3806b

    • SHA256

      2f089003e795f6a8a850a35a46a9ce7c22c218e7d644aa24580c334ea454e22b

    • SHA512

      0664ccda016458977158e96b9929cf7637ee6732a2e6b09e49d2611be6717bad06f30a9871bb9d3b5db5d79f1fa810a33a7d42b727ba52de31c07a45e5f10000

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLxJYH5:1dWubF3n9S91BF3fboVJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks