General

  • Target

    26af2b05d20667f1efdffd9a702c875eca239ba4c5a4b1c08d93336a0ffa1d81

  • Size

    51KB

  • Sample

    240623-1lcsnatbnc

  • MD5

    28e47bc6762a59c151687c31350e7d7a

  • SHA1

    b17824b543f2f95232f0567e31ff984db2df0bff

  • SHA256

    26af2b05d20667f1efdffd9a702c875eca239ba4c5a4b1c08d93336a0ffa1d81

  • SHA512

    a51d1bc8d2a5214f3d3aab4a48dcad99d521273caa5f5228db2313b82168243b91e554358dbf3e3d0526071a35ceb1d8b48c5cdf489cf8f2bf8fdde1672d5538

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLvJYH5:1dWubF3n9S91BF3fboDJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
