General

  • Target

    2cba6c40cd8b28ad3d71e35e86b492ede4ac1566f6ffeec1665269002289d3a6

  • Size

    51KB

  • Sample

    240605-av4dvshd74

  • MD5

    fd2d03e3383d407542e7f0147b66016a

  • SHA1

    f408bf215c8f61507e61c0e2f4f12cb87cecb28a

  • SHA256

    2cba6c40cd8b28ad3d71e35e86b492ede4ac1566f6ffeec1665269002289d3a6

  • SHA512

    22eefc5afea6f330a24913257b39e5290912242e3d50b47b58eb9e7f2b24b5d49495e179200b4e35e7bac50c2bbcc64bbd52f10cd9bee7dbae2fa7882a1c4111

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL/JYH5:1dWubF3n9S91BF3fbojJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      2cba6c40cd8b28ad3d71e35e86b492ede4ac1566f6ffeec1665269002289d3a6

    • Size

      51KB

    • MD5

      fd2d03e3383d407542e7f0147b66016a

    • SHA1

      f408bf215c8f61507e61c0e2f4f12cb87cecb28a

    • SHA256

      2cba6c40cd8b28ad3d71e35e86b492ede4ac1566f6ffeec1665269002289d3a6

    • SHA512

      22eefc5afea6f330a24913257b39e5290912242e3d50b47b58eb9e7f2b24b5d49495e179200b4e35e7bac50c2bbcc64bbd52f10cd9bee7dbae2fa7882a1c4111

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL/JYH5:1dWubF3n9S91BF3fbojJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks