General

  • Target

    e4465f500fff86479dae6f3ec2d6c92b4d988ad2d91c3ab21798abf9ffcadd49

  • Size

    51KB

  • Sample

    240605-bx88kaac3z

  • MD5

    3dac3bb0d6b945ededa8bfe61d1f18d3

  • SHA1

    d28666ae37e4076a130bddf92a613254a95c79b8

  • SHA256

    e4465f500fff86479dae6f3ec2d6c92b4d988ad2d91c3ab21798abf9ffcadd49

  • SHA512

    6b1d64f79b2f120c84265580e95f97542bd806a68ed2e3b3b52637c976689f3d1b769fe5214569a9d47b78d763262d42a2169919e495ac8a651a0d631d2ac06a

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLmJYH5:1dWubF3n9S91BF3fboyJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
