General

  • Target

    bad894c5bb6495f159580ba0d37ca22b7f4004af0b15804932994788b0a1d4b5

  • Size

    51KB

  • Sample

    240604-f8qb2seg4x

  • MD5

    bdac017a9bb1355580d71614e7e141b7

  • SHA1

    d1d8b5cec587eb85a4a2ce26a6cf739a21195ab5

  • SHA256

    bad894c5bb6495f159580ba0d37ca22b7f4004af0b15804932994788b0a1d4b5

  • SHA512

    8999688d61111c5503ce13a9c76e925520ff70668fb9dcda09f4caa293c65048c400d4009941c7c596276bed67aa339de69877f17805e5a4a96cadbce90fbc06

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLZrJYH5:1dWubF3n9S91BF3fboVrJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      bad894c5bb6495f159580ba0d37ca22b7f4004af0b15804932994788b0a1d4b5

    • Size

      51KB

    • MD5

      bdac017a9bb1355580d71614e7e141b7

    • SHA1

      d1d8b5cec587eb85a4a2ce26a6cf739a21195ab5

    • SHA256

      bad894c5bb6495f159580ba0d37ca22b7f4004af0b15804932994788b0a1d4b5

    • SHA512

      8999688d61111c5503ce13a9c76e925520ff70668fb9dcda09f4caa293c65048c400d4009941c7c596276bed67aa339de69877f17805e5a4a96cadbce90fbc06

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLZrJYH5:1dWubF3n9S91BF3fboVrJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks