General

  • Target

    294c942bc70c124ae0dcd7a1505909e89a593b384821574863f6aee20da85cc2

  • Size

    51KB

  • Sample

    240619-f8mwxszakk

  • MD5

    19463a098f722dd18ff770f7c94360ff

  • SHA1

    83183ef6b264b8dc0b78c04e8ec54e6d0a2fefae

  • SHA256

    294c942bc70c124ae0dcd7a1505909e89a593b384821574863f6aee20da85cc2

  • SHA512

    b10e1253998691231c6a976c0b267ded21bfde385aa73bd4f3d5bd59e0b3d3bbb7069d12fb1fb6607a2e2eae7bcaa86fa0c130395792f70ff669010f49cf1f6d

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLZJYH5:1dWubF3n9S91BF3fbotJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      294c942bc70c124ae0dcd7a1505909e89a593b384821574863f6aee20da85cc2

    • Size

      51KB

    • MD5

      19463a098f722dd18ff770f7c94360ff

    • SHA1

      83183ef6b264b8dc0b78c04e8ec54e6d0a2fefae

    • SHA256

      294c942bc70c124ae0dcd7a1505909e89a593b384821574863f6aee20da85cc2

    • SHA512

      b10e1253998691231c6a976c0b267ded21bfde385aa73bd4f3d5bd59e0b3d3bbb7069d12fb1fb6607a2e2eae7bcaa86fa0c130395792f70ff669010f49cf1f6d

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLZJYH5:1dWubF3n9S91BF3fbotJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks