General

  • Target

    d1713885dfa38fe96304f96dcb4c669c5b4f9e364ff4b58d6deffbbd75467f8f

  • Size

    51KB

  • Sample

    240623-2rygzswdmh

  • MD5

    a4c523a47d73c17dd99e545ba8fb65c4

  • SHA1

    44b387945fa2e8052c7feb80f47ebee89675ce46

  • SHA256

    d1713885dfa38fe96304f96dcb4c669c5b4f9e364ff4b58d6deffbbd75467f8f

  • SHA512

    4ed50ccf73d71705b39041799b5b138b0f6ec21e6c28c3332ab860a0cbceff147cd2cc07d70b8b59092ce3aaa552263f4a5e24340a4ca305a852c675a4547ceb

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLxJYH5:1dWubF3n9S91BF3fbolJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      d1713885dfa38fe96304f96dcb4c669c5b4f9e364ff4b58d6deffbbd75467f8f

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public, and it has been used by multiple Chinese groups.
