General

  • Target

    4e47438c5684cc952b8f378e008f60c2bd647668f5b753450ad6f32b2ef3d3c5

  • Size

    51KB

  • Sample

    240612-b21f8axhqd

  • MD5

    6a5fbd0095c836df1fe75a0e5353ffa7

  • SHA1

    9a652ab3b9c6ac187b80ff4c71ab2a1c61a8b7d0

  • SHA256

    4e47438c5684cc952b8f378e008f60c2bd647668f5b753450ad6f32b2ef3d3c5

  • SHA512

    9c8c44eb999396d24e72c0ed317c9b8209425338ab8cf5d05bbddbfb24e221d571d7735942820e5ff35b3bbf5032ad9d92f36797f21bf5ce632408c79c55dc27

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLmJYH5:1dWubF3n9S91BF3fboCJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      4e47438c5684cc952b8f378e008f60c2bd647668f5b753450ad6f32b2ef3d3c5

    • Size

      51KB

    • MD5

      6a5fbd0095c836df1fe75a0e5353ffa7

    • SHA1

      9a652ab3b9c6ac187b80ff4c71ab2a1c61a8b7d0

    • SHA256

      4e47438c5684cc952b8f378e008f60c2bd647668f5b753450ad6f32b2ef3d3c5

    • SHA512

      9c8c44eb999396d24e72c0ed317c9b8209425338ab8cf5d05bbddbfb24e221d571d7735942820e5ff35b3bbf5032ad9d92f36797f21bf5ce632408c79c55dc27

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLmJYH5:1dWubF3n9S91BF3fboCJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
