General

  • Target

    dcee518953a04d91f07ed65120727332184971dde2b00ae25123d495b11da43f

  • Size

    51KB

  • Sample

    240612-as94mawgpf

  • MD5

    23f5daf5464ef3f28cfc455ecf329d42

  • SHA1

    ade90057324a89567e137273058cf4031f7503f3

  • SHA256

    dcee518953a04d91f07ed65120727332184971dde2b00ae25123d495b11da43f

  • SHA512

    44723374793793d3b362c952738301577604b9673db47a9eed99f955d6a3f53949e0a119a72d27257f5f9f92d0b5b489d8255bb84eb9cbd198a57e42b144b270

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL+tJYH5:1dWubF3n9S91BF3fboeJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      dcee518953a04d91f07ed65120727332184971dde2b00ae25123d495b11da43f

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
