General

  • Target

    5bddad1f41f10f729559f87edfc5a77c72da1c519d35e378a88f2e9e840e25c5

  • Size

    51KB

  • Sample

    240611-3gtxgswbjf

  • MD5

    b700352401e38384ded1469c9df4e94b

  • SHA1

    0f5244765ef314da96c9f6cdadbe607184006621

  • SHA256

    5bddad1f41f10f729559f87edfc5a77c72da1c519d35e378a88f2e9e840e25c5

  • SHA512

    d1a0a413dc4bd011a8759ae872b54e3c1129d3b00a35a8e66562f13c6e1ddeb2799093dcbd3ea3933cabfb2c8545b56b3c707a64d4854193867997d318114e39

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL+oJYH5:1dWubF3n9S91BF3fboXJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      5bddad1f41f10f729559f87edfc5a77c72da1c519d35e378a88f2e9e840e25c5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
