General

  • Target

    8584c63c94be157e67ec094d2fea15a6a56cf991ca7fe9da907c930dc089f3a1

  • Size

    51KB

  • Sample

    240623-2ndneazamq

  • MD5

    d02e1f9a36ef2e42f94a11d4f0c93760

  • SHA1

    eaf1c4234a8bf4854b1e6fdf7c325b577736e8e5

  • SHA256

    8584c63c94be157e67ec094d2fea15a6a56cf991ca7fe9da907c930dc089f3a1

  • SHA512

    ef3ea66ab88046f398ef6e1488da38351381fb83dd9c7f53f1c03f7330475a70d60366644de3b8bc40bd34c4f84e9a62baade2845394bfe4ce88dfe5b6fc14b9

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLbJYH5:1dWubF3n9S91BF3fboPJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks