General

  • Target

    2dae9a6d8386a9939f94dac23132abcb31164fbfad850f16b4cc41ce76affd33

  • Size

    51KB

  • Sample

    240611-khwtcs1ama

  • MD5

    7cca2e3cce376705a0f78ca684368702

  • SHA1

    192bf6b39754d4b0f8511f5dce4be513d74208a2

  • SHA256

    2dae9a6d8386a9939f94dac23132abcb31164fbfad850f16b4cc41ce76affd33

  • SHA512

    8a488824484fc8aa54c925cec4e8068e29fecc0f008f22f47da1bca578571d00d3983d0f94fac56884fabda885deacaa75f55227fb7ffbc316ccbc049909da40

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLvJYH5:1dWubF3n9S91BF3fbobJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      2dae9a6d8386a9939f94dac23132abcb31164fbfad850f16b4cc41ce76affd33

    • Size

      51KB

    • MD5

      7cca2e3cce376705a0f78ca684368702

    • SHA1

      192bf6b39754d4b0f8511f5dce4be513d74208a2

    • SHA256

      2dae9a6d8386a9939f94dac23132abcb31164fbfad850f16b4cc41ce76affd33

    • SHA512

      8a488824484fc8aa54c925cec4e8068e29fecc0f008f22f47da1bca578571d00d3983d0f94fac56884fabda885deacaa75f55227fb7ffbc316ccbc049909da40

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLvJYH5:1dWubF3n9S91BF3fbobJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks