General

  • Target

    088b06fea717d8017d45ff5e9e620fd33dcd6ece2881fed62ed49835fe7426a0

  • Size

    51KB

  • Sample

    240611-pqz8zaxakc

  • MD5

    3cfdcfbbc28c828cc27c0d5ccbdb7fda

  • SHA1

    afeca2bed012be1304d57741bdcad0ea1406c56f

  • SHA256

    088b06fea717d8017d45ff5e9e620fd33dcd6ece2881fed62ed49835fe7426a0

  • SHA512

    26cf49a185965ac7e7def409ed881c40bbdc9f493eb8096c8ca8c602f2a13121d75c0534fed62649c2110d3eeb600dd3b4b0f5878382bc6e558678fdb271924d

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLFJYH5:1dWubF3n9S91BF3fbohJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      088b06fea717d8017d45ff5e9e620fd33dcd6ece2881fed62ed49835fe7426a0

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
