General

  • Target

    b6040252ec8f6d23a751234023d4a03bba4601bddea55bcde100dcfffe02e37a

  • Size

    51KB

  • Sample

    240611-kh21da1amd

  • MD5

    ddccb0c2401e933de089e28b4084e803

  • SHA1

    4a991303541f78b69582f604950df58c91cccc16

  • SHA256

    b6040252ec8f6d23a751234023d4a03bba4601bddea55bcde100dcfffe02e37a

  • SHA512

    54f86511f3c60630ca177910f64b4599089adc815efcac321d06dfc39256419a7104247e91b6da3906194e140867c40fcfe372cd1d15bd2c0ca518543d0fa2fb

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLFJYH5:1dWubF3n9S91BF3fboJJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
