General

  • Target

    696e84889c22433901e6f38830f9b33d4948f154dc6a1bb1b4dd876058e84f5d

  • Size

    51KB

  • Sample

    240611-khbs7a1ake

  • MD5

    6f4fd3a80c71766a83efa9d1c6120979

  • SHA1

    ad1b4f87d0d2e5ed208e7c0ee10852d8106b4d87

  • SHA256

    696e84889c22433901e6f38830f9b33d4948f154dc6a1bb1b4dd876058e84f5d

  • SHA512

    262e272d7f681cd0b6c794c7bb3ac4e1f8c439fac79b352ddafc8054c8d27e1177261edbb9c2ea7d94c4b94c3102755d28ab86c7cb3077eb80e8672e833a73b7

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLeJYH5:1dWubF3n9S91BF3fboqJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
