General

  • Target

    bc1426d9cfd8adc29438ed1934bb00bf9dfd64563835f0f2a4b2f4516286f29c

  • Size

    51KB

  • Sample

    240612-cyvx1aygjh

  • MD5

    2b7dce8b5106cab2a97bc6eaad423e66

  • SHA1

    4b1055209c913879c262a962393a1636e05d98df

  • SHA256

    bc1426d9cfd8adc29438ed1934bb00bf9dfd64563835f0f2a4b2f4516286f29c

  • SHA512

    72165e2152bc0bba2e2d3fdcdbb43c6da91d034efee66710d70839fe52d07cc393b187b5ef92e3dc48bf1b7bbbe4f19010bf83fed5018d2646aa382b1d535461

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLrJYH5:1dWubF3n9S91BF3fbo/JYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      bc1426d9cfd8adc29438ed1934bb00bf9dfd64563835f0f2a4b2f4516286f29c

    • Size

      51KB

    • MD5

      2b7dce8b5106cab2a97bc6eaad423e66

    • SHA1

      4b1055209c913879c262a962393a1636e05d98df

    • SHA256

      bc1426d9cfd8adc29438ed1934bb00bf9dfd64563835f0f2a4b2f4516286f29c

    • SHA512

      72165e2152bc0bba2e2d3fdcdbb43c6da91d034efee66710d70839fe52d07cc393b187b5ef92e3dc48bf1b7bbbe4f19010bf83fed5018d2646aa382b1d535461

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLrJYH5:1dWubF3n9S91BF3fbo/JYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks