General

  • Target

    07b197f48227014981c2d18717400576097ebe2904ef564316b30dd86e1f09db

  • Size

    51KB

  • Sample

    240604-3gvtsafb2y

  • MD5

    9c9b7e3f862e7c9fc4c3462bf4c4f850

  • SHA1

    b1739725b48c10c7ccfa0b91418db9e6a749079b

  • SHA256

    07b197f48227014981c2d18717400576097ebe2904ef564316b30dd86e1f09db

  • SHA512

    92bc376731f3739e0ff5b6e177e5e9381e6d1c9a3d686f1dbe86156455042eab0f072e27f349b02ffefbb5db9669617075e902aeac2eae0964e705916cdaf03c

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLPJYH5:1dWubF3n9S91BF3fbojJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
