General

  • Target

    e307aee3de6cd10b8d45d611ab7526527ac96bff3e40418b3e8a2daeca41684e

  • Size

    51KB

  • Sample

    240623-2ndy6swbnc

  • MD5

    f7fd831cb7ac8f7036471fad4d5cd73a

  • SHA1

    fc002b66fbfaed7f1b80cc03dcf83fab557dc762

  • SHA256

    e307aee3de6cd10b8d45d611ab7526527ac96bff3e40418b3e8a2daeca41684e

  • SHA512

    1403e72ebe75e3d5c1e531d062a970c708ed77ecedf64aa4a0b02759821f02f3e6d0ea21e7eb8dcb71afa092b097280eef78c9816f291e533ea5a5b3c2fa4597

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL+4JYH5:1dWubF3n9S91BF3fbo7JYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
