General

  • Target

    eb163fc941a7dcefda0cda9c710b936de230611dd65d07249d99c21af77875c4

  • Size

    51KB

  • Sample

    240623-2tq6pawemg

  • MD5

    bd3951088ac9a9a6e07afeee196bf2bc

  • SHA1

    436967b842df7f7a985162f9bc71fd6b380ae21b

  • SHA256

    eb163fc941a7dcefda0cda9c710b936de230611dd65d07249d99c21af77875c4

  • SHA512

    ceb7ca9ddb1abdc4f604a43136a854127d349b9c50a16bbe9d148e8d02544289898ebb57094633a667edd039c2432d66f00b69fa777d12228cea5acd31f5c4d6

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLiJYH5:1dWubF3n9S91BF3fboOJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      eb163fc941a7dcefda0cda9c710b936de230611dd65d07249d99c21af77875c4

    • Size

      51KB

    • MD5

      bd3951088ac9a9a6e07afeee196bf2bc

    • SHA1

      436967b842df7f7a985162f9bc71fd6b380ae21b

    • SHA256

      eb163fc941a7dcefda0cda9c710b936de230611dd65d07249d99c21af77875c4

    • SHA512

      ceb7ca9ddb1abdc4f604a43136a854127d349b9c50a16bbe9d148e8d02544289898ebb57094633a667edd039c2432d66f00b69fa777d12228cea5acd31f5c4d6

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLiJYH5:1dWubF3n9S91BF3fboOJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks