General

  • Target

    e5f879f357cda4fe218293a844d540f1ea44fe834587a03e8966536a9c3b48d4

  • Size

    51KB

  • Sample

    240603-np2vqsda41

  • MD5

    c5dc4d6d775ae8df3ecce560159791eb

  • SHA1

    d04903c74faeb34c597444b787efc80ef84a13dc

  • SHA256

    e5f879f357cda4fe218293a844d540f1ea44fe834587a03e8966536a9c3b48d4

  • SHA512

    ce0765e99b18d7d6e80386e7821af79ba579b9db3ac239d54d1ec275897ea4704537f574f5743ab5108a8f0659991f1561c56a5e1148aae45ffff90b710d6596

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLFJYH5:1dWubF3n9S91BF3fbopJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      e5f879f357cda4fe218293a844d540f1ea44fe834587a03e8966536a9c3b48d4

    • Size

      51KB

    • MD5

      c5dc4d6d775ae8df3ecce560159791eb

    • SHA1

      d04903c74faeb34c597444b787efc80ef84a13dc

    • SHA256

      e5f879f357cda4fe218293a844d540f1ea44fe834587a03e8966536a9c3b48d4

    • SHA512

      ce0765e99b18d7d6e80386e7821af79ba579b9db3ac239d54d1ec275897ea4704537f574f5743ab5108a8f0659991f1561c56a5e1148aae45ffff90b710d6596

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLFJYH5:1dWubF3n9S91BF3fbopJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks