General

  • Target

    42b5b9cf02d5fc8ad17d63e5ebe7814d4679affbd43f2d7d8b57c770f5de1215

  • Size

    51KB

  • Sample

    240619-3jh8rs1fmk

  • MD5

    1b2afdfcb53b04ed11a434985959fcd9

  • SHA1

    9565e46323a18fd738ae974fb696fc3324fda967

  • SHA256

    42b5b9cf02d5fc8ad17d63e5ebe7814d4679affbd43f2d7d8b57c770f5de1215

  • SHA512

    0aec74d4cb4f4107e2589de2be6b0a4561310bd785b7e059867c61d3e58ed087415e47017f545e89946b175c8a30f2eaf2ff47b5b8f124eae75b92c1499346cd

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLaJYH5:1dWubF3n9S91BF3fbo2JYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
