General

  • Target

    88474110152668ed6d74383e2b095242b614ffdbf1e85a6a34db2bf7a1b318f4

  • Size

    51KB

  • Sample

    240611-khceqa1enp

  • MD5

    2b310f428e935d47ff0ce525f6ee961a

  • SHA1

    c00d99c6cba7cda2ce2a887ad25c1620d070dd7d

  • SHA256

    88474110152668ed6d74383e2b095242b614ffdbf1e85a6a34db2bf7a1b318f4

  • SHA512

    554bfc0a102623ef76c74a30ed77873fd1cb4a79a8eb76162d545df8a754509e55b3735e59fb22ff2b6db37682ce338bd62d058572bec8d5608cf13f45b3092f

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLfJYH5:1dWubF3n9S91BF3fboTJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      88474110152668ed6d74383e2b095242b614ffdbf1e85a6a34db2bf7a1b318f4

    • Size

      51KB

    • MD5

      2b310f428e935d47ff0ce525f6ee961a

    • SHA1

      c00d99c6cba7cda2ce2a887ad25c1620d070dd7d

    • SHA256

      88474110152668ed6d74383e2b095242b614ffdbf1e85a6a34db2bf7a1b318f4

    • SHA512

      554bfc0a102623ef76c74a30ed77873fd1cb4a79a8eb76162d545df8a754509e55b3735e59fb22ff2b6db37682ce338bd62d058572bec8d5608cf13f45b3092f

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLfJYH5:1dWubF3n9S91BF3fboTJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks