General

  • Target

    caa50ac44cb01a10a16e2b455c9fc4d442150c9c56ba4bd16a459b58a0e3d771

  • Size

    51KB

  • Sample

    240623-wa19na1hqr

  • MD5

    d397180e205722b031a969cab4ab224c

  • SHA1

    972911bfc1d1375bcd29c4aa8583caf38fc0ed55

  • SHA256

    caa50ac44cb01a10a16e2b455c9fc4d442150c9c56ba4bd16a459b58a0e3d771

  • SHA512

    1ae72c1cd291b5e89f0e17b8de9ffe908fe4585f089332d19e206f7dc650e1bcb61a2fd930ec8a5331c4e7e927792ed709db5f50e5f7dda5c8ba163d6b041642

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLCJYH5:1dWubF3n9S91BF3fbomJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets


    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
