General

  • Target

    c21beead5d5051302bf15191fae6d4539ceea9138a0ea1bd02b8d6b09467b107

  • Size

    51KB

  • Sample

    240611-khaacs1enk

  • MD5

    5f0dab8c4ef9f91a53146490bb365896

  • SHA1

    dd85dbebe375658e3120d50445e55cd4bde739bf

  • SHA256

    c21beead5d5051302bf15191fae6d4539ceea9138a0ea1bd02b8d6b09467b107

  • SHA512

    27fea2cde277528bf16f134710ca415f073650e94737aaf1cdebb5891a1a5705587131d2b037b3ec5f9c613ab7f0c107a28e11e8c997dbe14e10887d896c0e61

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLXJYH5:1dWubF3n9S91BF3fbojJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      c21beead5d5051302bf15191fae6d4539ceea9138a0ea1bd02b8d6b09467b107

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
