General

  • Target

    7dfad3fb7688504a797601d2fdce1338abcfbd12b513c1a08c375e5e8a109eda

  • Size

    51KB

  • Sample

    240619-2ee5wavcmh

  • MD5

    41f1fb296f5f8aedc2ad8dc00cd5beb6

  • SHA1

    db76cb99ed0355d0678e1bc158acac000fe73009

  • SHA256

    7dfad3fb7688504a797601d2fdce1338abcfbd12b513c1a08c375e5e8a109eda

  • SHA512

    56e60a488a98e680d49493066075e8170e6f82bc3b2e86b44e58ad2079a5f275c0fe062a8f2653bd98b3cf3e0bf64191055bddca8faade7a4c58b0e979b1f55d

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLcJYH5:1dWubF3n9S91BF3fbowJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      7dfad3fb7688504a797601d2fdce1338abcfbd12b513c1a08c375e5e8a109eda

    • Size

      51KB

    • MD5

      41f1fb296f5f8aedc2ad8dc00cd5beb6

    • SHA1

      db76cb99ed0355d0678e1bc158acac000fe73009

    • SHA256

      7dfad3fb7688504a797601d2fdce1338abcfbd12b513c1a08c375e5e8a109eda

    • SHA512

      56e60a488a98e680d49493066075e8170e6f82bc3b2e86b44e58ad2079a5f275c0fe062a8f2653bd98b3cf3e0bf64191055bddca8faade7a4c58b0e979b1f55d

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLcJYH5:1dWubF3n9S91BF3fbowJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks