General

  • Target

    b60ac02e40dbf84dc77e4082905e2beae7c15e633366bdf643a6266c120791f3

  • Size

    51KB

  • Sample

    240619-2ee5wavcna

  • MD5

    e2c9d40caeaef9955ed6f36488c97a2a

  • SHA1

    ff3593f65cf31a6a5d20e0156046cc8f45ef53da

  • SHA256

    b60ac02e40dbf84dc77e4082905e2beae7c15e633366bdf643a6266c120791f3

  • SHA512

    30f2841d8f22ed2f20fe4edeb06188d2f2ccb8df92f974d84f79393d4d53963f51a95fbfc8ad961989c2b062c63a5ec8e0f8c56d0eb363940d8c4fdf9e6c9343

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLTJYH5:1dWubF3n9S91BF3fbo3JYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      b60ac02e40dbf84dc77e4082905e2beae7c15e633366bdf643a6266c120791f3

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
