General

  • Target

    0878e90eb461655ee2b31607c41b27480ced1b15ac27e1a724c71800798a5f01

  • Size

    51KB

  • Sample

    240603-qtks5ahe39

  • MD5

    fa33104d09c03c8082f59d0bbfd55a91

  • SHA1

    5890b24c85973b718124d3922418d0f4a69fbcd5

  • SHA256

    0878e90eb461655ee2b31607c41b27480ced1b15ac27e1a724c71800798a5f01

  • SHA512

    da408165802279ebc5346423f83c6d1764e55b82ec05697fd7508dd453895e4837cf630e69816077511fc83fc8b8472cccaa34cccc296cc5591f322ca12c2530

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLXJYH5:1dWubF3n9S91BF3fborJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      0878e90eb461655ee2b31607c41b27480ced1b15ac27e1a724c71800798a5f01

    • Size

      51KB

    • MD5

      fa33104d09c03c8082f59d0bbfd55a91

    • SHA1

      5890b24c85973b718124d3922418d0f4a69fbcd5

    • SHA256

      0878e90eb461655ee2b31607c41b27480ced1b15ac27e1a724c71800798a5f01

    • SHA512

      da408165802279ebc5346423f83c6d1764e55b82ec05697fd7508dd453895e4837cf630e69816077511fc83fc8b8472cccaa34cccc296cc5591f322ca12c2530

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLXJYH5:1dWubF3n9S91BF3fborJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks