General

  • Target

    9691eaba41eac9b19b1fde9da68380d383b9f179c449f35494777776d0aa0163

  • Size

    51KB

  • Sample

    240612-fxhg3a1hkr

  • MD5

    dfe01f783b884eb673d1b19199e288b4

  • SHA1

    c775b736176f61bd69acb5fb472d664d9866667a

  • SHA256

    9691eaba41eac9b19b1fde9da68380d383b9f179c449f35494777776d0aa0163

  • SHA512

    caa9c17b20e4a3379903828bfd92c54439abf69819636be4fd0eefe436acbd6507046124765e40eb450eddd5622c1a34b8ef78730790628e002207e52eef2713

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLJJYH5:1dWubF3n9S91BF3fboVJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      9691eaba41eac9b19b1fde9da68380d383b9f179c449f35494777776d0aa0163

    • Size

      51KB

    • MD5

      dfe01f783b884eb673d1b19199e288b4

    • SHA1

      c775b736176f61bd69acb5fb472d664d9866667a

    • SHA256

      9691eaba41eac9b19b1fde9da68380d383b9f179c449f35494777776d0aa0163

    • SHA512

      caa9c17b20e4a3379903828bfd92c54439abf69819636be4fd0eefe436acbd6507046124765e40eb450eddd5622c1a34b8ef78730790628e002207e52eef2713

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLJJYH5:1dWubF3n9S91BF3fboVJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks