General

  • Target

    9f68074f4c04b1183ad08b7d9456cb7ea2335a959a6798798233fe46f8efa662

  • Size

    51KB

  • Sample

    240604-2egcyaed34

  • MD5

    5f7e01132389c653652f224e713e7690

  • SHA1

    cb9f2a5a62d18ca8300cecff284e5f74a7dfb083

  • SHA256

    9f68074f4c04b1183ad08b7d9456cb7ea2335a959a6798798233fe46f8efa662

  • SHA512

    5eed873bcea89b71b92b073aec193a8dfe51586463e90fd9894baa2e824388ac067904f3865c1378a9ced032afaf7fc18344a2b77b1987a6852b9e594be2eeb2

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLiJYH5:1dWubF3n9S91BF3fbouJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      9f68074f4c04b1183ad08b7d9456cb7ea2335a959a6798798233fe46f8efa662

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
