General

  • Target

    f772b52bea2e2c59b30a217827444fbaf80ec77931aae322b5cbce1c7d8d0929

  • Size

    51KB

  • Sample

    240619-2kr2mavemg

  • MD5

    4c1977f9480b33a23215ff8c471db0ab

  • SHA1

    f9a86790de40e4a3649e992104275f39e1f9f908

  • SHA256

    f772b52bea2e2c59b30a217827444fbaf80ec77931aae322b5cbce1c7d8d0929

  • SHA512

    6a626fb9e9d5dc8544b38fac9ef93dd686869b4e54b38021c3640514fd04ad40beb75c9248678f5e517e655ba1b99a0b2cff03c1d6e91d9bb64ec1f6ce402d25

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLYJYH5:1dWubF3n9S91BF3fbokJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
