General

  • Target

    14dc991979484b8d500ae21d75c25a60_NeikiAnalytics.exe

  • Size

    51KB

  • Sample

    240612-bwazdaxfph

  • MD5

    14dc991979484b8d500ae21d75c25a60

  • SHA1

    f24420acb6f985422bc124beb436d864aceb4fc8

  • SHA256

    7a69b13497fe17a1ca1affbf725a6346e74b253007eada12db64f6a5b720c9b0

  • SHA512

    5f4eeebd027c209840a4c5eaec2b1bdf76134733330b0799a4c4df3379b863a27046adff56bb892b9d2881d7c567ac31f0c749c20f48b4476fccca6aeec4cc75

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLfJYH5:1dWubF3n9S91BF3fborJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      14dc991979484b8d500ae21d75c25a60_NeikiAnalytics.exe

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
