General

  • Target

    78735ddc6b8b9c2c02bef3160495ca87a3a0d6bd87eae0482ba4e4b1913ce99b

  • Size

    51KB

  • Sample

    240611-nnr9xawbpl

  • MD5

    c065bd7600eb189ca5df1b5fb4e3ebe3

  • SHA1

    78d8779e99b4c6700e14a9ebdcaf2d7260c5c973

  • SHA256

    78735ddc6b8b9c2c02bef3160495ca87a3a0d6bd87eae0482ba4e4b1913ce99b

  • SHA512

    81d6ed9677e12b8d2ee811107a6de78ccd2a4b911e1f318fbe63b738da29b32f02cd20d22ff0ddcbb80f61cce0dbff3d586b274c3359ddea68caac0c19dc3408

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLAJYH5:1dWubF3n9S91BF3fbosJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      78735ddc6b8b9c2c02bef3160495ca87a3a0d6bd87eae0482ba4e4b1913ce99b

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
