General

  • Target

    5afb8055d02362af98e666852e7eb1517fa16d3adf8777a6ed8e393d3b5a79e2

  • Size

    51KB

  • Sample

    240611-mjjarstgpr

  • MD5

    c5137b13662b81370278be1b07ed338d

  • SHA1

    05b2ce01836a1addfc8a860569c1bdfd587369a1

  • SHA256

    5afb8055d02362af98e666852e7eb1517fa16d3adf8777a6ed8e393d3b5a79e2

  • SHA512

    e72d78267ee94fc82addc141d4cbd1f5c3604abb2bff4154b29f9e55a304a71e57dc76ee7a5b147e47db93f5feb8290221083005c718159cd525a5cb8c5a2778

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLgJYH5:1dWubF3n9S91BF3fbo8JYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      5afb8055d02362af98e666852e7eb1517fa16d3adf8777a6ed8e393d3b5a79e2

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
