General

  • Target

    69ec310767ba4ca1b416f565abd8ae116b2406293b34f458ac45f4b1f90f2bc3

  • Size

    51KB

  • Sample

    240604-1b4tdscg99

  • MD5

    7b11223baa9fa8452b829329f865ffb9

  • SHA1

    889eab6d5c7f2ff963df5d7a78c6e8bc77eb6561

  • SHA256

    69ec310767ba4ca1b416f565abd8ae116b2406293b34f458ac45f4b1f90f2bc3

  • SHA512

    4f240d67a87e6ee56003355ddd62b010466de0a0009261d8f5a05c690a264938971c2fa70f53ab7b82cf21646f29711c72dcdc33239c67ccb2ac0829f0210f7c

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL6JYH5:1dWubF3n9S91BF3fbomJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      69ec310767ba4ca1b416f565abd8ae116b2406293b34f458ac45f4b1f90f2bc3

    • Size

      51KB

    • MD5

      7b11223baa9fa8452b829329f865ffb9

    • SHA1

      889eab6d5c7f2ff963df5d7a78c6e8bc77eb6561

    • SHA256

      69ec310767ba4ca1b416f565abd8ae116b2406293b34f458ac45f4b1f90f2bc3

    • SHA512

      4f240d67a87e6ee56003355ddd62b010466de0a0009261d8f5a05c690a264938971c2fa70f53ab7b82cf21646f29711c72dcdc33239c67ccb2ac0829f0210f7c

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL6JYH5:1dWubF3n9S91BF3fbomJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks