General

  • Target

    c0d254b4708ff004cd0239082041bea94216c3ef71c6862f5737f4400e563a66

  • Size

    51KB

  • Sample

    240623-2wg1sszemk

  • MD5

    fd8b53795bd96c141cd1f4e797ae816f

  • SHA1

    af7bd72f3096147d9aeb2702520d152a5f55d32b

  • SHA256

    c0d254b4708ff004cd0239082041bea94216c3ef71c6862f5737f4400e563a66

  • SHA512

    f1b377ca159ede8c19bdd20d85a761e72efeb5d9d3e50b4c3dea619de90a873c3e308cec18001f2382a63c4b4e62a59e0d6cc06cb5b5ec1ae3befa6ccabe5c3d

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL+LJYH5:1dWubF3n9S91BF3fboQJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      c0d254b4708ff004cd0239082041bea94216c3ef71c6862f5737f4400e563a66

    • Size

      51KB

    • MD5

      fd8b53795bd96c141cd1f4e797ae816f

    • SHA1

      af7bd72f3096147d9aeb2702520d152a5f55d32b

    • SHA256

      c0d254b4708ff004cd0239082041bea94216c3ef71c6862f5737f4400e563a66

    • SHA512

      f1b377ca159ede8c19bdd20d85a761e72efeb5d9d3e50b4c3dea619de90a873c3e308cec18001f2382a63c4b4e62a59e0d6cc06cb5b5ec1ae3befa6ccabe5c3d

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL+LJYH5:1dWubF3n9S91BF3fboQJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks