General

  • Target

    1b4d2ed6e11cb888aa5af571ff068976045f42a617e4e006ebbe0cef12bd0ffb

  • Size

    51KB

  • Sample

    240604-2ef26sed33

  • MD5

    278ff0fd70a181cfc55da069ef0e622a

  • SHA1

    bb2051bd4b3be82f5ca0949e68819080360e6204

  • SHA256

    1b4d2ed6e11cb888aa5af571ff068976045f42a617e4e006ebbe0cef12bd0ffb

  • SHA512

    f9ab002a112c4b9c6702215d5d9d9a46a0b87af5273f4aeb8fc550d69baa3a4c46947ae47c02364c7f932eb07df854194b9e18c53402a962701335da8aac48ff

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLKJYH5:1dWubF3n9S91BF3fboWJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      1b4d2ed6e11cb888aa5af571ff068976045f42a617e4e006ebbe0cef12bd0ffb

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
