General

  • Target

    8165b974d0de40aa2c010e4cf50f7ac0430e1b8647d049c4a1c6120049eded5a

  • Size

    51KB

  • Sample

    240623-2whx4awfmf

  • MD5

    81281c5c549821d430e640900edce480

  • SHA1

    aba7413d3e71cf8d6eaf1108ce3df3417723f4d3

  • SHA256

    8165b974d0de40aa2c010e4cf50f7ac0430e1b8647d049c4a1c6120049eded5a

  • SHA512

    b9b8380997d097de43e36727036a606d6cd1b8278aef04663d3a77d59fb3a39984703b72ed5a740493b515d0ee3b94ad79c0dea56e3ae836fa9ebcb3fbb3de3a

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLAJYH5:1dWubF3n9S91BF3fbokJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
