General

  • Target

    e1e2ec92bf6484b7e8841a0403081282bb1ea4f26b03bc9f6cdf601dfb3bc25c

  • Size

    51KB

  • Sample

    240612-cyvx1aygkp

  • MD5

    63d80ebec47402a0b083f76e36cd92da

  • SHA1

    ed0e75a94082a1bf4325aee6744fda76e8c46745

  • SHA256

    e1e2ec92bf6484b7e8841a0403081282bb1ea4f26b03bc9f6cdf601dfb3bc25c

  • SHA512

    1940d4f0f206a864bf66af83a98484532e4f259af7a93369cb6b7ed5d541f180220de7b19512746cad98ebe2ce89c5fe264c545ae03db9c5ff5d6c8db514baff

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLWJYH5:1dWubF3n9S91BF3fboqJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      e1e2ec92bf6484b7e8841a0403081282bb1ea4f26b03bc9f6cdf601dfb3bc25c

    • Size

      51KB

    • MD5

      63d80ebec47402a0b083f76e36cd92da

    • SHA1

      ed0e75a94082a1bf4325aee6744fda76e8c46745

    • SHA256

      e1e2ec92bf6484b7e8841a0403081282bb1ea4f26b03bc9f6cdf601dfb3bc25c

    • SHA512

      1940d4f0f206a864bf66af83a98484532e4f259af7a93369cb6b7ed5d541f180220de7b19512746cad98ebe2ce89c5fe264c545ae03db9c5ff5d6c8db514baff

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLWJYH5:1dWubF3n9S91BF3fboqJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks