General

  • Target

    76100ddaa8e70cec4b7c8a38d4218551182a0eda1611a5b9fd4628c9c8a3c468

  • Size

    51KB

  • Sample

    240619-f6sz6ayhqk

  • MD5

    c79777d0d2f1d459b4b7d155b87e354a

  • SHA1

    d330a99a1f8087ea2cb2ddc99e867fdf6961c505

  • SHA256

    76100ddaa8e70cec4b7c8a38d4218551182a0eda1611a5b9fd4628c9c8a3c468

  • SHA512

    c1624f7fcdb98c7fca8a2220d146970f781cd767024b4038ddcc31436d5edeac3e53a29381ed703ccfa1c4fba6d596e90439af44a0024fc361fc7a4d86183dbc

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL0JYH5:1dWubF3n9S91BF3fboQJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
