General

  • Target

    6933fe80cecc45b331d7939707e8e68150782ec8972a254c15d334976f69156a

  • Size

    51KB

  • Sample

    240611-kgajqs1ekl

  • MD5

    6b8f7c2bb81c265feb574a6c9a018076

  • SHA1

    d6b9e1910669348414eee8d4b0a2af1f03f0733c

  • SHA256

    6933fe80cecc45b331d7939707e8e68150782ec8972a254c15d334976f69156a

  • SHA512

    b9a3dd408c0c0442808395d3d40c91c7e802fc57af749da8c3751d9c71682e9864c596bafda3cf35045dc7a91a6b3e261818ccc0a13b8fa2cc9ff67806ab1dd8

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLBJYH5:1dWubF3n9S91BF3fbo1JYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      6933fe80cecc45b331d7939707e8e68150782ec8972a254c15d334976f69156a

    • Size

      51KB

    • MD5

      6b8f7c2bb81c265feb574a6c9a018076

    • SHA1

      d6b9e1910669348414eee8d4b0a2af1f03f0733c

    • SHA256

      6933fe80cecc45b331d7939707e8e68150782ec8972a254c15d334976f69156a

    • SHA512

      b9a3dd408c0c0442808395d3d40c91c7e802fc57af749da8c3751d9c71682e9864c596bafda3cf35045dc7a91a6b3e261818ccc0a13b8fa2cc9ff67806ab1dd8

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLBJYH5:1dWubF3n9S91BF3fbo1JYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks