General

  • Target

    51dbcce12e8253b43fa6b720c9e3a0b62dacf839fcf3bfb4b089e76d831888f6

  • Size

    51KB

  • Sample

    240604-qrh7hshb4t

  • MD5

    630a6fae850dcecbf9ea05447d6ca3fb

  • SHA1

    e4e154b9c18f1cacab5df8a9570b2027ce8da0a6

  • SHA256

    51dbcce12e8253b43fa6b720c9e3a0b62dacf839fcf3bfb4b089e76d831888f6

  • SHA512

    c791068c5605201492108a8d01089659178e12a6ff4781f608f05bf422b69a79460d66f5e7a2599aab1dd452d0cab768e44a71a72e29c77e1946c4b10431b614

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLpJYH5:1dWubF3n9S91BF3fbotJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
