General

  • Target

    0072c095d7a0de93e82386979426dcfe097637a81ce2992e533f12b282afb1fe

  • Size

    51KB

  • Sample

    240612-cyx3csygll

  • MD5

    548f0d6ee54057ef13ba1cce64700a81

  • SHA1

    bfdccaaf9b02ceedd1f2b73d9bd721b3e11ccc52

  • SHA256

    0072c095d7a0de93e82386979426dcfe097637a81ce2992e533f12b282afb1fe

  • SHA512

    4342f4745a7012022095dc5bfd4285c11d436868bbde18598510f025d609c93014d2f3777e86b8f856ea7f9155d419e3db93616ddc267a144cde0d165ca896a2

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL2JYH5:1dWubF3n9S91BF3fboyJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      0072c095d7a0de93e82386979426dcfe097637a81ce2992e533f12b282afb1fe

    • Size

      51KB

    • MD5

      548f0d6ee54057ef13ba1cce64700a81

    • SHA1

      bfdccaaf9b02ceedd1f2b73d9bd721b3e11ccc52

    • SHA256

      0072c095d7a0de93e82386979426dcfe097637a81ce2992e533f12b282afb1fe

    • SHA512

      4342f4745a7012022095dc5bfd4285c11d436868bbde18598510f025d609c93014d2f3777e86b8f856ea7f9155d419e3db93616ddc267a144cde0d165ca896a2

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL2JYH5:1dWubF3n9S91BF3fboyJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks