General

  • Target

    1a69468dc3cd2d876caac61bd8c420aaf6c11becfad332e97a756b46d5b4950d

  • Size

    51KB

  • Sample

    240623-2wsgjazepl

  • MD5

    a3c20cbac81d80c59703ad65852b015b

  • SHA1

    40cf179e8db1bd96b619b66f9747d0ef6951aeed

  • SHA256

    1a69468dc3cd2d876caac61bd8c420aaf6c11becfad332e97a756b46d5b4950d

  • SHA512

    453f8b2d3475f038a0677250c638ea02b6d49fb1f8f80a41f0efab60091604dc2d627ebe29bd1bd3f10cd3e19bbf602a0972d044f64feac3caa3dfef41485972

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL5JYH5:1dWubF3n9S91BF3fbodJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      1a69468dc3cd2d876caac61bd8c420aaf6c11becfad332e97a756b46d5b4950d

    • Size

      51KB

    • MD5

      a3c20cbac81d80c59703ad65852b015b

    • SHA1

      40cf179e8db1bd96b619b66f9747d0ef6951aeed

    • SHA256

      1a69468dc3cd2d876caac61bd8c420aaf6c11becfad332e97a756b46d5b4950d

    • SHA512

      453f8b2d3475f038a0677250c638ea02b6d49fb1f8f80a41f0efab60091604dc2d627ebe29bd1bd3f10cd3e19bbf602a0972d044f64feac3caa3dfef41485972

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL5JYH5:1dWubF3n9S91BF3fbodJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks