General

  • Target

    f7e7792e2f35a85186588eee1c9a14a399b0bb6266420acc245403d93c452225

  • Size

    51KB

  • Sample

    240623-2p7b4swcnb

  • MD5

    678973d4e99aaffe1d9d00f42fcc91f6

  • SHA1

    f82cefd91fcfd2300d2f80c6839503527aefd5aa

  • SHA256

    f7e7792e2f35a85186588eee1c9a14a399b0bb6266420acc245403d93c452225

  • SHA512

    788f19fe04dd3f1440f512449c5d0f6185cee0dc94dc01c0ea418ab2a33d54c16f7b5df86df73286749e444c9be2f4935cb694d6e88e6434ad649e410c4a72fa

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLhJYH5:1dWubF3n9S91BF3fbolJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      f7e7792e2f35a85186588eee1c9a14a399b0bb6266420acc245403d93c452225

    • Size

      51KB

    • MD5

      678973d4e99aaffe1d9d00f42fcc91f6

    • SHA1

      f82cefd91fcfd2300d2f80c6839503527aefd5aa

    • SHA256

      f7e7792e2f35a85186588eee1c9a14a399b0bb6266420acc245403d93c452225

    • SHA512

      788f19fe04dd3f1440f512449c5d0f6185cee0dc94dc01c0ea418ab2a33d54c16f7b5df86df73286749e444c9be2f4935cb694d6e88e6434ad649e410c4a72fa

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLhJYH5:1dWubF3n9S91BF3fbolJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks