General

  • Target

    4e760bb4ab4ef926439b07514845c6609f440809447216823f8b9cb6733d53aa

  • Size

    51KB

  • Sample

    240611-kf4q7a1ejk

  • MD5

    b635c80805a53f81869c5e61e130820d

  • SHA1

    730fc5d5810acedc5275c957ecfa4645d81fa5b2

  • SHA256

    4e760bb4ab4ef926439b07514845c6609f440809447216823f8b9cb6733d53aa

  • SHA512

    1dfccacc501f33e4a5a7ae4ec8eb284ccb9191abf68d74eb9fb990147e76f85e804ae3ff0731e1ad0ae629516c3de4c98c024ba1131a9e96ce547d58f3d6ada4

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLHJYH5:1dWubF3n9S91BF3fbozJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
