General

  • Target

    757ec94a00c9085534afdc8e2232e6b7cf51ae043290ac0fdc25e3c8eb273694

  • Size

    51KB

  • Sample

    240623-wap7ds1hpr

  • MD5

    4b0897c772c0488da0d5087f3ed79a90

  • SHA1

    1c15aea618eda5faace3c5305c3ae76fbdc1685a

  • SHA256

    757ec94a00c9085534afdc8e2232e6b7cf51ae043290ac0fdc25e3c8eb273694

  • SHA512

    3f07ac6b072705c15f14cd0f909966372169d441bb2c2aa7a33804eb0a283225829cad95ce1f04f76cbced18f7ad39684aaa88e81c85adaa2b71f9f9f4124c28

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLBJYH5:1dWubF3n9S91BF3fbotJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      757ec94a00c9085534afdc8e2232e6b7cf51ae043290ac0fdc25e3c8eb273694

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.
