General

  • Target

    955952905df3deba5c6ae5aafb35e257caee3dfad53211431b323eddb49e9cd1

  • Size

    51KB

  • Sample

    240611-mnl78ateqb

  • MD5

    9d212f06ede7fd600674ebf2605a65f1

  • SHA1

    3c40356345ae5a9736a8b3387649226264ecfa8b

  • SHA256

    955952905df3deba5c6ae5aafb35e257caee3dfad53211431b323eddb49e9cd1

  • SHA512

    22f1bd67a66c7d83c928854486bb486fc0f75d2caac5e9253efb7ecd944e72c17a8602975d70a5d33037bd362ac4b228eb73364cc9fdc55e34b87675d31743ef

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL3JYH5:1dWubF3n9S91BF3fbojJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      955952905df3deba5c6ae5aafb35e257caee3dfad53211431b323eddb49e9cd1

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
