General

  • Target

    77c240ee1fa600604e753e31e0a76d41ff2a8e9497d4a7caae21cf7fe1b32555

  • Size

    51KB

  • Sample

    240623-2ndy6szanj

  • MD5

    9831ab21c9366026e0e3122d54c8def8

  • SHA1

    bf780ffd00aabdea959ef45c56b7b4161deb9af9

  • SHA256

    77c240ee1fa600604e753e31e0a76d41ff2a8e9497d4a7caae21cf7fe1b32555

  • SHA512

    4237b46e6c868422884ccd7fe1fb62eaa076f3fe8e65f67717c40fa9fc06b1cf7c151745b4bc4ab3293273f326055c622b5f27255e6b2e82a9de7d0001e57753

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLCJYH5:1dWubF3n9S91BF3fboeJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      77c240ee1fa600604e753e31e0a76d41ff2a8e9497d4a7caae21cf7fe1b32555

    • Size

      51KB

    • MD5

      9831ab21c9366026e0e3122d54c8def8

    • SHA1

      bf780ffd00aabdea959ef45c56b7b4161deb9af9

    • SHA256

      77c240ee1fa600604e753e31e0a76d41ff2a8e9497d4a7caae21cf7fe1b32555

    • SHA512

      4237b46e6c868422884ccd7fe1fb62eaa076f3fe8e65f67717c40fa9fc06b1cf7c151745b4bc4ab3293273f326055c622b5f27255e6b2e82a9de7d0001e57753

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLCJYH5:1dWubF3n9S91BF3fboeJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks