General

  • Target

    27bc8a7042f88ebe5116e3ccd149b25ec77c3e33a6939d1f6d1adc6a466cde34

  • Size

    51KB

  • Sample

    240611-3jn41swbnj

  • MD5

    4489c68e76b2c7b8410f03611020af28

  • SHA1

    921602fc277640bb1b99bc58cbcc7146b34b1e35

  • SHA256

    27bc8a7042f88ebe5116e3ccd149b25ec77c3e33a6939d1f6d1adc6a466cde34

  • SHA512

    9294761e163206154e667987c1eb758e72c68e71dc77e0c473921b50c0cc223f64187d164995a392d6d8ce4e6ebbbf09989c1d6d1f735090d059d9f75c63cd00

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLHJYH5:1dWubF3n9S91BF3fbozJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      27bc8a7042f88ebe5116e3ccd149b25ec77c3e33a6939d1f6d1adc6a466cde34

    • Size

      51KB

    • MD5

      4489c68e76b2c7b8410f03611020af28

    • SHA1

      921602fc277640bb1b99bc58cbcc7146b34b1e35

    • SHA256

      27bc8a7042f88ebe5116e3ccd149b25ec77c3e33a6939d1f6d1adc6a466cde34

    • SHA512

      9294761e163206154e667987c1eb758e72c68e71dc77e0c473921b50c0cc223f64187d164995a392d6d8ce4e6ebbbf09989c1d6d1f735090d059d9f75c63cd00

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLHJYH5:1dWubF3n9S91BF3fbozJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks