General

  • Target

    5cd114b439fdc70d83931e4655d987563e36c7470c07817cec6f4dc60ae23d6f

  • Size

    51KB

  • Sample

    240611-3gwq3swbjh

  • MD5

    e5a12e11dd669fbafd8474558041354d

  • SHA1

    cc54cf949d0ed3bb17bf1d854a2268455a28fb24

  • SHA256

    5cd114b439fdc70d83931e4655d987563e36c7470c07817cec6f4dc60ae23d6f

  • SHA512

    35150862665c5160c190af238fecf2e373db9552d8d02c0c31308e2ea6762066bc87cd16a831040ec5e02da1f3d7f8cc0039ed3e014a4c0a49ce39dfa846e649

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL+NJYH5:1dWubF3n9S91BF3fbo6JYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      5cd114b439fdc70d83931e4655d987563e36c7470c07817cec6f4dc60ae23d6f

    • Size

      51KB

    • MD5

      e5a12e11dd669fbafd8474558041354d

    • SHA1

      cc54cf949d0ed3bb17bf1d854a2268455a28fb24

    • SHA256

      5cd114b439fdc70d83931e4655d987563e36c7470c07817cec6f4dc60ae23d6f

    • SHA512

      35150862665c5160c190af238fecf2e373db9552d8d02c0c31308e2ea6762066bc87cd16a831040ec5e02da1f3d7f8cc0039ed3e014a4c0a49ce39dfa846e649

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL+NJYH5:1dWubF3n9S91BF3fbo6JYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks