General

  • Target

    f3575cd2590d0979d5feb535fef9e065c88ff1ac9a958f0a1069d2e83fdba6aa

  • Size

    51KB

  • Sample

    240611-mm2aratenf

  • MD5

    8fc2ffa21f08b6d839df094ecb330938

  • SHA1

    1fbc4788f01507ec187db030ba8b0359cf6d9bb7

  • SHA256

    f3575cd2590d0979d5feb535fef9e065c88ff1ac9a958f0a1069d2e83fdba6aa

  • SHA512

    c5a38f1fff33cd74419371b74a24e44dbb6fb0f5bc0978206232e04a375c2a6942b061c7107a3cd94db68fa7c054c83ca807b031f543a964ab79e85f2a498c4d

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLyJYH5:1dWubF3n9S91BF3fbomJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      f3575cd2590d0979d5feb535fef9e065c88ff1ac9a958f0a1069d2e83fdba6aa

    • Size

      51KB

    • MD5

      8fc2ffa21f08b6d839df094ecb330938

    • SHA1

      1fbc4788f01507ec187db030ba8b0359cf6d9bb7

    • SHA256

      f3575cd2590d0979d5feb535fef9e065c88ff1ac9a958f0a1069d2e83fdba6aa

    • SHA512

      c5a38f1fff33cd74419371b74a24e44dbb6fb0f5bc0978206232e04a375c2a6942b061c7107a3cd94db68fa7c054c83ca807b031f543a964ab79e85f2a498c4d

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLyJYH5:1dWubF3n9S91BF3fbomJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks