General

  • Target

    79dab344468850fae9072a1aa006c3627781dafabda65cdeee98e0db2f2586b3

  • Size

    51KB

  • Sample

    240623-q1c2vssfja

  • MD5

    cd86558feebb669d1950c9f7f10f35e1

  • SHA1

    55bda15fbe43c8378e6d938298a62b416fc7e3fc

  • SHA256

    79dab344468850fae9072a1aa006c3627781dafabda65cdeee98e0db2f2586b3

  • SHA512

    2003615537250af8b4d1f619a52640b1371c46629bac3f1baaa9f26dddc39de38729db081eaad830633919726f569dc867d4275e2d82f5f5429a0b86dc6da47c

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLhJYH5:1dWubF3n9S91BF3fbolJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      79dab344468850fae9072a1aa006c3627781dafabda65cdeee98e0db2f2586b3

    • Size

      51KB

    • MD5

      cd86558feebb669d1950c9f7f10f35e1

    • SHA1

      55bda15fbe43c8378e6d938298a62b416fc7e3fc

    • SHA256

      79dab344468850fae9072a1aa006c3627781dafabda65cdeee98e0db2f2586b3

    • SHA512

      2003615537250af8b4d1f619a52640b1371c46629bac3f1baaa9f26dddc39de38729db081eaad830633919726f569dc867d4275e2d82f5f5429a0b86dc6da47c

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLhJYH5:1dWubF3n9S91BF3fbolJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks