General

  • Target

    3deb52a7ff86ce4d441f8ecee10a6019f7444a3f5f481b09fa4c4b38e64708c0

  • Size

    51KB

  • Sample

    240612-bzndwaxhjf

  • MD5

    31dcfb737d161ad763c1ebd2c96d4bb1

  • SHA1

    7565cfc7dee4159f7ba54d2199fa5984b701009a

  • SHA256

    3deb52a7ff86ce4d441f8ecee10a6019f7444a3f5f481b09fa4c4b38e64708c0

  • SHA512

    7586faf453620bb9eab8f68be5d4e631da2a197556da4663364189fab5aa92aa8a8edef1103dc51acdc1a994d37a652b637181515babe5daeb90f2a9ace74841

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLrJYH5:1dWubF3n9S91BF3fbo3JYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      3deb52a7ff86ce4d441f8ecee10a6019f7444a3f5f481b09fa4c4b38e64708c0

    • Size

      51KB

    • MD5

      31dcfb737d161ad763c1ebd2c96d4bb1

    • SHA1

      7565cfc7dee4159f7ba54d2199fa5984b701009a

    • SHA256

      3deb52a7ff86ce4d441f8ecee10a6019f7444a3f5f481b09fa4c4b38e64708c0

    • SHA512

      7586faf453620bb9eab8f68be5d4e631da2a197556da4663364189fab5aa92aa8a8edef1103dc51acdc1a994d37a652b637181515babe5daeb90f2a9ace74841

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLrJYH5:1dWubF3n9S91BF3fbo3JYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks