General

  • Target

    cac9559b2d42162e2d88a0314ab807b529bd03e22b542cc8457fc754f2587112

  • Size

    51KB

  • Sample

    240623-2whmbswfme

  • MD5

    ffcc0cc17bfce5d458258a9ba070e6e2

  • SHA1

    e84c05c46029ebb14dad9de3a54cd813f38ce229

  • SHA256

    cac9559b2d42162e2d88a0314ab807b529bd03e22b542cc8457fc754f2587112

  • SHA512

    3790799312cbd718e98dd7b35930b7c769ac722cccacf38af27e80cecf5f16cee968a66d39713b0a4ee62ffdc01102685297156e639ceeb9af2904e4b41188aa

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLHJYH5:1dWubF3n9S91BF3fbojJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      cac9559b2d42162e2d88a0314ab807b529bd03e22b542cc8457fc754f2587112

    • Size

      51KB

    • MD5

      ffcc0cc17bfce5d458258a9ba070e6e2

    • SHA1

      e84c05c46029ebb14dad9de3a54cd813f38ce229

    • SHA256

      cac9559b2d42162e2d88a0314ab807b529bd03e22b542cc8457fc754f2587112

    • SHA512

      3790799312cbd718e98dd7b35930b7c769ac722cccacf38af27e80cecf5f16cee968a66d39713b0a4ee62ffdc01102685297156e639ceeb9af2904e4b41188aa

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLHJYH5:1dWubF3n9S91BF3fbojJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks