General

  • Target

    c81a9b8c53d38b56dcc2304fdf624ae7480bf4c03762aaa041f87c069cb63d8e

  • Size

    51KB

  • Sample

    240619-2f85cavdka

  • MD5

    bd93f834a74c053e52ff6e0d175eb009

  • SHA1

    ea49fd84fa2cce657c6c909e98cdb9fc9c204f87

  • SHA256

    c81a9b8c53d38b56dcc2304fdf624ae7480bf4c03762aaa041f87c069cb63d8e

  • SHA512

    9aa7cb03b094da19edec37c6680bf90c759e49ce682a0d99f52f7591a3aacea09b123acbc60d1e0f763b6d3f957beda1662c4255e1807f64a48e9a7ae2e242c5

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLMJYH5:1dWubF3n9S91BF3fbogJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
