General

  • Target

    8cade8b2dd2339057a7e90e5cef227fae50df6329a18ad953edda19965d8a7c2

  • Size

    51KB

  • Sample

    240612-as9svswgpe

  • MD5

    69814107c7c6f7f5b52b0eced62c655f

  • SHA1

    cf6370fba46cac4b85e219af009328bfe654aae7

  • SHA256

    8cade8b2dd2339057a7e90e5cef227fae50df6329a18ad953edda19965d8a7c2

  • SHA512

    5119ec998702d712ff9caf20f3ce57ae81596df9c26d0be37307e1b251b005d44af40ad64fa2aaa0aa6216cb2101a4daf94c8d8d6eb74b760395f735f8a78995

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLeJYH5:1dWubF3n9S91BF3fboaJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      8cade8b2dd2339057a7e90e5cef227fae50df6329a18ad953edda19965d8a7c2

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
