General

  • Target

    303250e5ce4fd638a791faebde64c522183f9eb0ba3185db833c17d3f241d28b

  • Size

    51KB

  • Sample

    240612-bwjxaaxfqg

  • MD5

    704150d6aae17192833092a67345cb01

  • SHA1

    67710c129fd0f508578d542a087c14b0878d73da

  • SHA256

    303250e5ce4fd638a791faebde64c522183f9eb0ba3185db833c17d3f241d28b

  • SHA512

    b6f402f4ece0a9dc791302fd17b446d28d1f6e0ef3b7623f3b77cb120cb8155855e0b878e73f963a11a681b24db423404255a8a6b8559ea008c63704edf674e2

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL+rJYH5:1dWubF3n9S91BF3fbocJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      303250e5ce4fd638a791faebde64c522183f9eb0ba3185db833c17d3f241d28b

    • Size

      51KB

    • MD5

      704150d6aae17192833092a67345cb01

    • SHA1

      67710c129fd0f508578d542a087c14b0878d73da

    • SHA256

      303250e5ce4fd638a791faebde64c522183f9eb0ba3185db833c17d3f241d28b

    • SHA512

      b6f402f4ece0a9dc791302fd17b446d28d1f6e0ef3b7623f3b77cb120cb8155855e0b878e73f963a11a681b24db423404255a8a6b8559ea008c63704edf674e2

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL+rJYH5:1dWubF3n9S91BF3fbocJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks