General

  • Target

    a060eaaca8092e1f9e8fee23b9832c80_NeikiAnalytics.exe

  • Size

    51KB

  • Sample

    240603-mp3xcsbf4v

  • MD5

    a060eaaca8092e1f9e8fee23b9832c80

  • SHA1

    ab84359fdf774254dd0ad987e1d2f15b3360306a

  • SHA256

    a6dc3cd406890c2f67f66c088680996623f5e5634602386a82223f1627d0a8f6

  • SHA512

    500ad6eae6095d4052c3a5e63dd7e2a8ada8118377989bffff8130739519f112e1332462a01b899af6b8be97bd3f3b516e0d7706ece1bda94b127a325f95de48

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLwJYH5:1dWubF3n9S91BF3fboEJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      a060eaaca8092e1f9e8fee23b9832c80_NeikiAnalytics.exe

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
