General

  • Target

    d6b558c13c7ce321fab3df779447be037c9b898321c7eb58b838c6ae5a643b2b

  • Size

    51KB

  • Sample

    240611-nnnxgswbnr

  • MD5

    4931254b152737daf6ee7077d4e1264e

  • SHA1

    8701e926cc024ac47a5f5cccd4f5ead59a3035c9

  • SHA256

    d6b558c13c7ce321fab3df779447be037c9b898321c7eb58b838c6ae5a643b2b

  • SHA512

    6cd2674b2e59bddb6dd063dec761cdfd2e9606561cdf1a4ca2c83cf569c1ff1e671f64561a1c1d19dde32650ca33614cc293c9e0ec5dc296dba2d66e18a5c516

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLAJYH5:1dWubF3n9S91BF3fbo0JYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      d6b558c13c7ce321fab3df779447be037c9b898321c7eb58b838c6ae5a643b2b

    • Size

      51KB

    • MD5

      4931254b152737daf6ee7077d4e1264e

    • SHA1

      8701e926cc024ac47a5f5cccd4f5ead59a3035c9

    • SHA256

      d6b558c13c7ce321fab3df779447be037c9b898321c7eb58b838c6ae5a643b2b

    • SHA512

      6cd2674b2e59bddb6dd063dec761cdfd2e9606561cdf1a4ca2c83cf569c1ff1e671f64561a1c1d19dde32650ca33614cc293c9e0ec5dc296dba2d66e18a5c516

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLAJYH5:1dWubF3n9S91BF3fbo0JYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks