General

  • Target

    b07e2324979970301600e3e953b9da0b7d7505a36b03e1a89b38aae840ef1d57

  • Size

    51KB

  • Sample

    240623-2wjvdszenk

  • MD5

    629359d9c916b3c05be833ef5e5538bf

  • SHA1

    f59d6cb0f65133b2bb165267f16f6c3f721d6167

  • SHA256

    b07e2324979970301600e3e953b9da0b7d7505a36b03e1a89b38aae840ef1d57

  • SHA512

    20619701caa75a87a180d615854f7c8ce21893c7487f56f390df24f005a28aebfaf08fe3f7ec7034197ff8b9b1118f57bf8ed4244b8bcfd4d3c11dc4b276b80c

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLxJYH5:1dWubF3n9S91BF3fboNJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
