General

  • Target

    ead71535a826d10608930f12344fec87301d17f5c7eaaf3d10c9ce2ff167b6b6

  • Size

    51KB

  • Sample

    240623-1lc4estbne

  • MD5

    e7d74f5f59bf585fd9e22b88449468a9

  • SHA1

    eb608bca2ddb3d0f50ae23bb9ddff4f514f95912

  • SHA256

    ead71535a826d10608930f12344fec87301d17f5c7eaaf3d10c9ce2ff167b6b6

  • SHA512

    57335728585a8dbd7089c882dfbd1e021e92d5ece1ec9343e47bf833b48b6d0db52f4ee1d768f29f1a4bfb55ed42e82212b0093284fb03216722f23f65b9f400

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLFJYH5:1dWubF3n9S91BF3fboZJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      ead71535a826d10608930f12344fec87301d17f5c7eaaf3d10c9ce2ff167b6b6

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
