General

  • Target

    412989eae73ab389080b9c7916d7e272285c25e3b50f2ac9fee9ac97849d164e

  • Size

    51KB

  • Sample

    240623-2trr8awenb

  • MD5

    72c2a442a109896ad3149783b4cad1e6

  • SHA1

    be6d5f274b025d8a625dd1cb99ff315516549557

  • SHA256

    412989eae73ab389080b9c7916d7e272285c25e3b50f2ac9fee9ac97849d164e

  • SHA512

    b7099c7e96da3a4f1afa00b8ecaf61c4c906bf5c0a6c8f32c45b1db2a8e544d39adc22a55bc19d3868c3f58bb24e530ae0e7140cf9117451be2c4d22da2bd824

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLGJYH5:1dWubF3n9S91BF3fboaJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      412989eae73ab389080b9c7916d7e272285c25e3b50f2ac9fee9ac97849d164e

    • Size

      51KB

    • MD5

      72c2a442a109896ad3149783b4cad1e6

    • SHA1

      be6d5f274b025d8a625dd1cb99ff315516549557

    • SHA256

      412989eae73ab389080b9c7916d7e272285c25e3b50f2ac9fee9ac97849d164e

    • SHA512

      b7099c7e96da3a4f1afa00b8ecaf61c4c906bf5c0a6c8f32c45b1db2a8e544d39adc22a55bc19d3868c3f58bb24e530ae0e7140cf9117451be2c4d22da2bd824

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLGJYH5:1dWubF3n9S91BF3fboaJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks