General

  • Target

    48bb534ee5a21a3f98f675066c316bf2328a8bc685c51c7c766cadbee8b1c69f

  • Size

    51KB

  • Sample

    240612-cyv8rsygkq

  • MD5

    85566db9c622e3266216bc801cf29a34

  • SHA1

    75df53e76adf762b41b49f74433d738a68eb3b5c

  • SHA256

    48bb534ee5a21a3f98f675066c316bf2328a8bc685c51c7c766cadbee8b1c69f

  • SHA512

    3e68d9c1c0cc0ef66d01507924a70e9e75c56f0d655d07fdb42893f021a196de489b67d93d8753c64fa8fef8493758c4efa0711b6ccf00c67757fe06eee7f524

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLvJYH5:1dWubF3n9S91BF3fbobJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      48bb534ee5a21a3f98f675066c316bf2328a8bc685c51c7c766cadbee8b1c69f

    • Size

      51KB

    • MD5

      85566db9c622e3266216bc801cf29a34

    • SHA1

      75df53e76adf762b41b49f74433d738a68eb3b5c

    • SHA256

      48bb534ee5a21a3f98f675066c316bf2328a8bc685c51c7c766cadbee8b1c69f

    • SHA512

      3e68d9c1c0cc0ef66d01507924a70e9e75c56f0d655d07fdb42893f021a196de489b67d93d8753c64fa8fef8493758c4efa0711b6ccf00c67757fe06eee7f524

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLvJYH5:1dWubF3n9S91BF3fbobJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks