General

  • Target

    f0977b30bc3e42a8552fa1fe695e0b025c14844cc485ddb6fa111dd5de6a77be

  • Size

    51KB

  • Sample

    240623-2rygzszcmq

  • MD5

    7312538570e97ba19716d64be7b43efc

  • SHA1

    146797944b050fd30e04893e5e7c83d5705da258

  • SHA256

    f0977b30bc3e42a8552fa1fe695e0b025c14844cc485ddb6fa111dd5de6a77be

  • SHA512

    17fef0e045875ade094c562dbdc288c0a7ff2c82d614a3f0b03cab992071ac980b77f94b467f44d206933bacea18f2a1ad96b7631e21ec791ccbe83c4c2eaadd

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLeJYH5:1dWubF3n9S91BF3fbo6JYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
