General

  • Target

    432a9bd563c6a6a36611dcb2dddea570_NeikiAnalytics.exe

  • Size

    51KB

  • Sample

    240604-j55jcaba79

  • MD5

    432a9bd563c6a6a36611dcb2dddea570

  • SHA1

    d355eaa8795c4f5bc2df71439c3d804a5e0e7a51

  • SHA256

    a06ee8753bdbbd32baa4611f983b0c2eb607548df8dca4f8a25ffb66f3e8cad5

  • SHA512

    bb74e73d0b9bac922b61b8822c6b2cc540cea7794f2e947c1ef4e2b25efa8cd2d9ea1debdb81188746bb05ff3efdc950ed03b458d4dc0db8736890c6d61a5e3f

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLWJYH5:1dWubF3n9S91BF3fboyJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      432a9bd563c6a6a36611dcb2dddea570_NeikiAnalytics.exe

    • Size

      51KB

    • MD5

      432a9bd563c6a6a36611dcb2dddea570

    • SHA1

      d355eaa8795c4f5bc2df71439c3d804a5e0e7a51

    • SHA256

      a06ee8753bdbbd32baa4611f983b0c2eb607548df8dca4f8a25ffb66f3e8cad5

    • SHA512

      bb74e73d0b9bac922b61b8822c6b2cc540cea7794f2e947c1ef4e2b25efa8cd2d9ea1debdb81188746bb05ff3efdc950ed03b458d4dc0db8736890c6d61a5e3f

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLWJYH5:1dWubF3n9S91BF3fboyJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks