General

  • Target

    e4197dfccddcdb017ad3e2f9273e940fd44caa42a3df1752c936683a258b8023

  • Size

    51KB

  • Sample

    240623-1lcgwstbnb

  • MD5

    888bfe1a434808880404b41bed10d159

  • SHA1

    8e59770d60eb759508e49779221d78939ab94f21

  • SHA256

    e4197dfccddcdb017ad3e2f9273e940fd44caa42a3df1752c936683a258b8023

  • SHA512

    61eb83e9d2560789b8d8c97d60c44b00d704fc20d39a92367810e15f812213310e33989903466c010b8695bda67e43b9fae78e8d03f89315448023cef04070be

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLBJYH5:1dWubF3n9S91BF3fboFJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      e4197dfccddcdb017ad3e2f9273e940fd44caa42a3df1752c936683a258b8023

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
