General

  • Target

    eedcbbcaff968bbbb6b24312073069f297bd0e78ae757ba32de25b7d0c10ae97

  • Size

    51KB

  • Sample

    240612-b3tp3axhrp

  • MD5

    91a777f0adf66b8ae448956a1488b207

  • SHA1

    8daf763f2331ed3df76736b102cc68e8ab1ee636

  • SHA256

    eedcbbcaff968bbbb6b24312073069f297bd0e78ae757ba32de25b7d0c10ae97

  • SHA512

    59f26f4cc7c82fe25df991b92941df6e652a5a57d7745b2b48a10c76d527d589a8b15769646a4a06d79add1568c8380426fd6773464d44160ed04832643bb98e

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL0JYH5:1dWubF3n9S91BF3fbooJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      eedcbbcaff968bbbb6b24312073069f297bd0e78ae757ba32de25b7d0c10ae97

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
