General

  • Target

    4755d03ed609c342bfd457e0f9675eab7fa48fc1beb956b42f0d2896ae8a98f6

  • Size

    51KB

  • Sample

    240611-3gt79awarr

  • MD5

    416fdfcbe1b3e82a65412195a2bccd2b

  • SHA1

    3a8709847f010317fc43a02da1019a4c5842d226

  • SHA256

    4755d03ed609c342bfd457e0f9675eab7fa48fc1beb956b42f0d2896ae8a98f6

  • SHA512

    462847c76f9f246d691bf828ac4d1c8e9d2b0a485870128a764fb10edb6d93350380bf7c02e4f1136337923f666623813f61dc58352d8458190f5dd7d7deb6b3

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLEJYH5:1dWubF3n9S91BF3fbo4JYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      4755d03ed609c342bfd457e0f9675eab7fa48fc1beb956b42f0d2896ae8a98f6

    • Size

      51KB

    • MD5

      416fdfcbe1b3e82a65412195a2bccd2b

    • SHA1

      3a8709847f010317fc43a02da1019a4c5842d226

    • SHA256

      4755d03ed609c342bfd457e0f9675eab7fa48fc1beb956b42f0d2896ae8a98f6

    • SHA512

      462847c76f9f246d691bf828ac4d1c8e9d2b0a485870128a764fb10edb6d93350380bf7c02e4f1136337923f666623813f61dc58352d8458190f5dd7d7deb6b3

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLEJYH5:1dWubF3n9S91BF3fbo4JYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks