General

  • Target

    5163fc2af08482c002115f7be41c5d75e55e0a1956e36b3c42e5c7476c2bdcb4

  • Size

    51KB

  • Sample

    240619-2hy26avdpe

  • MD5

    c8bb936418bda7a9c2abc8d9df3fa81e

  • SHA1

    107a35976676b3992d848c063d72c6c4ffc59359

  • SHA256

    5163fc2af08482c002115f7be41c5d75e55e0a1956e36b3c42e5c7476c2bdcb4

  • SHA512

    87a2a7f042b89d3797603131058ea570df5296cf2c2aaf57d37171bad9a3dfcfa982761007ab5799b77ef7d97f9df5ec7f2a172388370c66ce26ce2021b9788e

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL+3JYH5:1dWubF3n9S91BF3fbooJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      5163fc2af08482c002115f7be41c5d75e55e0a1956e36b3c42e5c7476c2bdcb4

    • Size

      51KB

    • MD5

      c8bb936418bda7a9c2abc8d9df3fa81e

    • SHA1

      107a35976676b3992d848c063d72c6c4ffc59359

    • SHA256

      5163fc2af08482c002115f7be41c5d75e55e0a1956e36b3c42e5c7476c2bdcb4

    • SHA512

      87a2a7f042b89d3797603131058ea570df5296cf2c2aaf57d37171bad9a3dfcfa982761007ab5799b77ef7d97f9df5ec7f2a172388370c66ce26ce2021b9788e

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL+3JYH5:1dWubF3n9S91BF3fbooJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks