General

  • Target

    c102f059856431c356bf272718c4db7d9b72824b27933a3ab6727d6d7078e940

  • Size

    51KB

  • Sample

    240620-as4lvayfjg

  • MD5

    82fdbb6e2abb55ea111ce906b28a2c8b

  • SHA1

    d97125cf8add8c862a5b44296878249c1eaaaa61

  • SHA256

    c102f059856431c356bf272718c4db7d9b72824b27933a3ab6727d6d7078e940

  • SHA512

    c17ff81764cd32673aed963156c6976df8bb3b76099dbdeac04522ca331d9d811191b72153c35f111185f67c26bc8b9592393e20008cb40c055e1bdffd2f2a91

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLPJYH5:1dWubF3n9S91BF3fboDJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      c102f059856431c356bf272718c4db7d9b72824b27933a3ab6727d6d7078e940

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
