General

  • Target

    6bf595465c65fdab08a706cded3aa2237c391de5efdbd818bbc4570ba40fe52c

  • Size

    51KB

  • Sample

    240611-3gtxgswarq

  • MD5

    b66b4c5b04635e105f3fba31f5092442

  • SHA1

    3e74bbbe6a3c9cac319d8f9b197fde0788f6fe7d

  • SHA256

    6bf595465c65fdab08a706cded3aa2237c391de5efdbd818bbc4570ba40fe52c

  • SHA512

    79b9239cab3251204fcdd654d539741ba611946e0659e5710f08c6ce617e2e14e0c0e2d098298bd5c70a68f6b213fd3640851b961dc327ad2b8dd9a0b803e32a

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL9JYH5:1dWubF3n9S91BF3fboJJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      6bf595465c65fdab08a706cded3aa2237c391de5efdbd818bbc4570ba40fe52c

    • Size

      51KB

    • MD5

      b66b4c5b04635e105f3fba31f5092442

    • SHA1

      3e74bbbe6a3c9cac319d8f9b197fde0788f6fe7d

    • SHA256

      6bf595465c65fdab08a706cded3aa2237c391de5efdbd818bbc4570ba40fe52c

    • SHA512

      79b9239cab3251204fcdd654d539741ba611946e0659e5710f08c6ce617e2e14e0c0e2d098298bd5c70a68f6b213fd3640851b961dc327ad2b8dd9a0b803e32a

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL9JYH5:1dWubF3n9S91BF3fboJJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks