General

  • Target

    603ab6419ea365e7c2677ed1b581dee0_NeikiAnalytics.exe

  • Size

    51KB

  • Sample

    240618-2rkwwsybre

  • MD5

    603ab6419ea365e7c2677ed1b581dee0

  • SHA1

    40a6c78bf3a36a3878957247ba1d26d785e38b8c

  • SHA256

    0a702146ed9bc0e1f23c3f5cf84697cfc3bafdb901d258d4d96eb3177e8f4f55

  • SHA512

    a5a8a08b1b4d3bb411d16dd242cc9f5079b5adc417db556d659e230d66628e963ee7e83c68e7e551db9a0426769957c8284a9835ba69482032342fb2e852fc62

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLgJYH5:1dWubF3n9S91BF3fbocJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      603ab6419ea365e7c2677ed1b581dee0_NeikiAnalytics.exe

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
