General

  • Target

    3e7cf0ea1094acff56f7b470c7a0d6a00a16617568e72bb9abe1507932972e02

  • Size

    51KB

  • Sample

    240611-mjjarstgpq

  • MD5

    9abf0269a780b3b83ecb5f48a23a2ef8

  • SHA1

    663ffd4baf3beeb6a7a000f6eee2604f9b99844b

  • SHA256

    3e7cf0ea1094acff56f7b470c7a0d6a00a16617568e72bb9abe1507932972e02

  • SHA512

    998ae7e61c077b2df16b909368679b347cef7373b01248c5475d6ac6bbaa8171225a95df8d63f494e3215c9353482fa87bc981d0a7769027406d41ce531ab847

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL+JYH5:1dWubF3n9S91BF3fboiJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      3e7cf0ea1094acff56f7b470c7a0d6a00a16617568e72bb9abe1507932972e02

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
