General

  • Target

    2ec4bed54a45e1caa9c48b75b8e3184390709c4cf52439a4beda18c28fb4a3c4

  • Size

    51KB

  • Sample

    240623-2ry4hszcnl

  • MD5

    466d9677cec11a13a1bb2b6a5f36742e

  • SHA1

    1fe07112fdaa2a9e77a55c9ab51275e256728c18

  • SHA256

    2ec4bed54a45e1caa9c48b75b8e3184390709c4cf52439a4beda18c28fb4a3c4

  • SHA512

    cf3745dc25bbf9d892f3d8545ebcb97e4c9092859063f983d66d0412363ab8d4c5bf328cd0661dda664e9316ce23f5305fb966e5f6c7d3c39b59862ae6487a91

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLSJYH5:1dWubF3n9S91BF3fboOJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets


    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
