General

  • Target

    0c3dd86a42f5a725d3ddd30c3c4f376fcc13979923f064977cfe3ad58e947fd7

  • Size

    51KB

  • Sample

    240603-qtkhcshe37

  • MD5

    65a0b05070a46661cb39cf963fa62dc8

  • SHA1

    8d600f219c2d38349f19898b5b9b755378488066

  • SHA256

    0c3dd86a42f5a725d3ddd30c3c4f376fcc13979923f064977cfe3ad58e947fd7

  • SHA512

    850530e6273363b405e85e57a24160a4196771a3b34917246421d6ded4f9a89f8a713eabeaaf4cdd6e7eee84876d03683506dff2b0475d999a5d849eb7730838

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL4JYH5:1dWubF3n9S91BF3fboEJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      0c3dd86a42f5a725d3ddd30c3c4f376fcc13979923f064977cfe3ad58e947fd7

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
