General

  • Target

    3137a095974cfaf893b28dc4609b6cea4cafd14498500cd3a5b26c253261fdb1

  • Size

    51KB

  • Sample

    240619-2effmsvcnd

  • MD5

    8e800c353c4dfff863cb097ab8f82db0

  • SHA1

    f948860e3eb33da98110e590365e59c0d62832b1

  • SHA256

    3137a095974cfaf893b28dc4609b6cea4cafd14498500cd3a5b26c253261fdb1

  • SHA512

    25a81b884e974d23d021be4dbdba83a672f956a73978a58288d3b5cafa1c9e7c959d4a067d4d0743c0ac2c50f52ed90ccdc8689a536d8a30524ddbd55d5f5faf

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLHJYH5:1dWubF3n9S91BF3fbojJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      3137a095974cfaf893b28dc4609b6cea4cafd14498500cd3a5b26c253261fdb1

    • Size

      51KB

    • MD5

      8e800c353c4dfff863cb097ab8f82db0

    • SHA1

      f948860e3eb33da98110e590365e59c0d62832b1

    • SHA256

      3137a095974cfaf893b28dc4609b6cea4cafd14498500cd3a5b26c253261fdb1

    • SHA512

      25a81b884e974d23d021be4dbdba83a672f956a73978a58288d3b5cafa1c9e7c959d4a067d4d0743c0ac2c50f52ed90ccdc8689a536d8a30524ddbd55d5f5faf

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLHJYH5:1dWubF3n9S91BF3fbojJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks