General

  • Target

    34c11a84b8b9c0b2e5becf8fec28e2707336c79c8dae216cd82fa6488dd61727

  • Size

    51KB

  • Sample

    240611-mnlxfsteph

  • MD5

    8deaa5eac68a69e666d9f1544975ca51

  • SHA1

    935f075bad076d7a0c1bcbec6a33b822b9ae794c

  • SHA256

    34c11a84b8b9c0b2e5becf8fec28e2707336c79c8dae216cd82fa6488dd61727

  • SHA512

    ac0bed7d6093a4912ba682b251dfe66ff68572f78e92280bfefb2c18c7eda004c40cf9903fb934f847bbfea30bdf6b70f5eb86ceb6928c01f65039316cc13175

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLmJYH5:1dWubF3n9S91BF3fboCJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      34c11a84b8b9c0b2e5becf8fec28e2707336c79c8dae216cd82fa6488dd61727

    • Size

      51KB

    • MD5

      8deaa5eac68a69e666d9f1544975ca51

    • SHA1

      935f075bad076d7a0c1bcbec6a33b822b9ae794c

    • SHA256

      34c11a84b8b9c0b2e5becf8fec28e2707336c79c8dae216cd82fa6488dd61727

    • SHA512

      ac0bed7d6093a4912ba682b251dfe66ff68572f78e92280bfefb2c18c7eda004c40cf9903fb934f847bbfea30bdf6b70f5eb86ceb6928c01f65039316cc13175

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLmJYH5:1dWubF3n9S91BF3fboCJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks