General

  • Target

    dd4699bc3aa08d50b6d0c64fdb72b514b695544c843e2d08f878eadd92b2c765

  • Size

    51KB

  • Sample

    240604-2egcyade91

  • MD5

    7a091bfc969557d9921305565737c211

  • SHA1

    25d8a402119ce2448ad19ffb3ba12d10f2ff7ba5

  • SHA256

    dd4699bc3aa08d50b6d0c64fdb72b514b695544c843e2d08f878eadd92b2c765

  • SHA512

    1e0645824148c3656f94e25175c206d5749f2d4853bf651f31e2b774870e38f3ffe876a08b887559b503d025560c37d7c9b761a9c21bf76903d845b1c952be92

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLtJYH5:1dWubF3n9S91BF3fbo5JYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      dd4699bc3aa08d50b6d0c64fdb72b514b695544c843e2d08f878eadd92b2c765

    • Size

      51KB

    • MD5

      7a091bfc969557d9921305565737c211

    • SHA1

      25d8a402119ce2448ad19ffb3ba12d10f2ff7ba5

    • SHA256

      dd4699bc3aa08d50b6d0c64fdb72b514b695544c843e2d08f878eadd92b2c765

    • SHA512

      1e0645824148c3656f94e25175c206d5749f2d4853bf651f31e2b774870e38f3ffe876a08b887559b503d025560c37d7c9b761a9c21bf76903d845b1c952be92

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLtJYH5:1dWubF3n9S91BF3fbo5JYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks