General

  • Target

    543dbad22fff3c8eb5b7c14bb9483f12e8e6578e8d01c7fb69d393bb606f4824

  • Size

    51KB

  • Sample

    240623-2ry4hswdnc

  • MD5

    8b49ab14a4c5b1a7929bbdf43996ec79

  • SHA1

    cd157cf502ba16e3d4a70b9dc697f084066dcb60

  • SHA256

    543dbad22fff3c8eb5b7c14bb9483f12e8e6578e8d01c7fb69d393bb606f4824

  • SHA512

    0bd926d25c9bed6e536b042e9e43eeb7398f0a7d168182b4d5507553cfcd407c5ae6b32647cb5d8e221d76401d7c7faa7e9770c8c9d85560086ddc4277d2e114

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLkJYH5:1dWubF3n9S91BF3fbo4JYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      543dbad22fff3c8eb5b7c14bb9483f12e8e6578e8d01c7fb69d393bb606f4824

    • Size

      51KB

    • MD5

      8b49ab14a4c5b1a7929bbdf43996ec79

    • SHA1

      cd157cf502ba16e3d4a70b9dc697f084066dcb60

    • SHA256

      543dbad22fff3c8eb5b7c14bb9483f12e8e6578e8d01c7fb69d393bb606f4824

    • SHA512

      0bd926d25c9bed6e536b042e9e43eeb7398f0a7d168182b4d5507553cfcd407c5ae6b32647cb5d8e221d76401d7c7faa7e9770c8c9d85560086ddc4277d2e114

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLkJYH5:1dWubF3n9S91BF3fbo4JYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks