General

  • Target

    229ae59e4fb21e3c7c93c7cae8aaef972fa0b77794de03f7dff669547b8c43e9

  • Size

    51KB

  • Sample

    240619-2hz98ayhqq

  • MD5

    a5f063dc7c7a2dace115b0062af8c0b8

  • SHA1

    fbfc3966b9d3b09cc41d8403852499729243975b

  • SHA256

    229ae59e4fb21e3c7c93c7cae8aaef972fa0b77794de03f7dff669547b8c43e9

  • SHA512

    0838e5cf6f0f3736c375f650b192061f8cca7ec0522c2fd75a255b6b7de784d584305f8bb30a577a285ac713e16b2d4f1aaadb4e4d50c7abd2dc0777f2e1e7a8

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLqJYH5:1dWubF3n9S91BF3fboWJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      229ae59e4fb21e3c7c93c7cae8aaef972fa0b77794de03f7dff669547b8c43e9

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
