General

  • Target

    01461b0b8fdd1e802bd3f14cb6d678250f05d72e1e624e8f4afae76ea13cd3f3

  • Size

    51KB

  • Sample

    240611-khx2es1eqn

  • MD5

    f6723aa8764d8fc2600f4a9a9d1d53f5

  • SHA1

    c03bccf90f18bcb199048b35482d351a6f8b825f

  • SHA256

    01461b0b8fdd1e802bd3f14cb6d678250f05d72e1e624e8f4afae76ea13cd3f3

  • SHA512

    d2a446c0d9a1dd6ead0a5f526e3a66285289f4be9c117b5a8aaab120d0d6ece6404fdbb40d15317387004be0030215d8ab1d698d39806ab93b632a8db338ba46

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLHJYH5:1dWubF3n9S91BF3fbozJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
