General

  • Target

    f4d9a8323fda952477c5419f4188dcd6e859dd19d678ffff0dbf286aa62df95b

  • Size

    51KB

  • Sample

    240623-2wjjmawfnb

  • MD5

    402da3a6da11fa107b42451a059669c9

  • SHA1

    3f9f260a698beca7ad6918be3710ac46b6e3643a

  • SHA256

    f4d9a8323fda952477c5419f4188dcd6e859dd19d678ffff0dbf286aa62df95b

  • SHA512

    38a01aa03cca58b05820b14a83444f90200d68bf82022e55507cc5519bbc8059504a9b08244b2ddcef0c14e9e35f7373b1ccccb88dcf4abb4d198cf1bdc02346

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLPJYH5:1dWubF3n9S91BF3fbozJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      f4d9a8323fda952477c5419f4188dcd6e859dd19d678ffff0dbf286aa62df95b

    • Size

      51KB

    • MD5

      402da3a6da11fa107b42451a059669c9

    • SHA1

      3f9f260a698beca7ad6918be3710ac46b6e3643a

    • SHA256

      f4d9a8323fda952477c5419f4188dcd6e859dd19d678ffff0dbf286aa62df95b

    • SHA512

      38a01aa03cca58b05820b14a83444f90200d68bf82022e55507cc5519bbc8059504a9b08244b2ddcef0c14e9e35f7373b1ccccb88dcf4abb4d198cf1bdc02346

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLPJYH5:1dWubF3n9S91BF3fbozJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks