General

  • Target

    4fc034c16d9c302fd49b146ff9cbcd68c28d7bebff7e732c8a3829d33be08ed9

  • Size

    51KB

  • Sample

    240623-1k2qdstble

  • MD5

    49c709f5c2e078ebdba0cb04eca6cb08

  • SHA1

    b7bb335a43be3c3c026ce4bd3ce2816e38a1c80e

  • SHA256

    4fc034c16d9c302fd49b146ff9cbcd68c28d7bebff7e732c8a3829d33be08ed9

  • SHA512

    267b41d3c59ae1d9614bebb1aafe11a17ec8e55d473050903a0f4aae4962174269abfb50740bdb3a915f03f0864c0c0caff9565696722a11170d67e71a8a2f86

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLdJYH5:1dWubF3n9S91BF3fbopJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
