General

  • Target

    b3b0b0b0438de66f4380d955e5e26b4384b2f84c4fac5b72f97d47c5520d2c32

  • Size

    51KB

  • Sample

    240603-mk17zabd5v

  • MD5

    cebe9ce94d9f37260669dbd21f4f3c99

  • SHA1

    bcb7eaba4f09b12998051501475b98840a5e20a8

  • SHA256

    b3b0b0b0438de66f4380d955e5e26b4384b2f84c4fac5b72f97d47c5520d2c32

  • SHA512

    719dcef48021f004077fbd81419add3085986c88fb76dbb24fb99671530306e11acb8a4ef15868403a8f86aee6b1ca7548955765266fa1ba043fc91e37b18ab0

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLHJYH5:1dWubF3n9S91BF3fboLJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      b3b0b0b0438de66f4380d955e5e26b4384b2f84c4fac5b72f97d47c5520d2c32

    • Size

      51KB

    • MD5

      cebe9ce94d9f37260669dbd21f4f3c99

    • SHA1

      bcb7eaba4f09b12998051501475b98840a5e20a8

    • SHA256

      b3b0b0b0438de66f4380d955e5e26b4384b2f84c4fac5b72f97d47c5520d2c32

    • SHA512

      719dcef48021f004077fbd81419add3085986c88fb76dbb24fb99671530306e11acb8a4ef15868403a8f86aee6b1ca7548955765266fa1ba043fc91e37b18ab0

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLHJYH5:1dWubF3n9S91BF3fboLJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks