General

  • Target

    7ab3c63079823391220cc864bdfbc9e664943c8809d12c0dda92600dae4f1f9b

  • Size

    51KB

  • Sample

    240612-as87bswgpc

  • MD5

    36e6012b560cb295392fa5bf895842ab

  • SHA1

    c9076ee8734d4bd7aad2b9f149c2f46638cf4cf8

  • SHA256

    7ab3c63079823391220cc864bdfbc9e664943c8809d12c0dda92600dae4f1f9b

  • SHA512

    a912080374d6dbdf3861c8c83d3852c6217c6a93daf950d861ce10fc973bfafbc2743b2f3ff1b2cf149f210b59982ee60c039ab424fd89266b22bf1f4dfbad0f

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLGJYH5:1dWubF3n9S91BF3fboqJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
