General

  • Target

    d611781d9a63e9c9a32fc44f3ccaf66572fbb559152f117a6f58a06962288f2b

  • Size

    51KB

  • Sample

    240623-wcgyssyalh

  • MD5

    54903cf376f050d10893fd8cb88a740c

  • SHA1

    7e1867b624d722128c7412aeb1b34cb7baea8b02

  • SHA256

    d611781d9a63e9c9a32fc44f3ccaf66572fbb559152f117a6f58a06962288f2b

  • SHA512

    766e0677041d3a9f2bb25ca5595d727c45180fadfb68f59f98a027e4600a6296a3bbc9fd298d333745fbdac62ee7a6812aa14eaeae0933501f25f0be4442f1fb

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLVJYH5:1dWubF3n9S91BF3fboRJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      d611781d9a63e9c9a32fc44f3ccaf66572fbb559152f117a6f58a06962288f2b

    • Size

      51KB

    • MD5

      54903cf376f050d10893fd8cb88a740c

    • SHA1

      7e1867b624d722128c7412aeb1b34cb7baea8b02

    • SHA256

      d611781d9a63e9c9a32fc44f3ccaf66572fbb559152f117a6f58a06962288f2b

    • SHA512

      766e0677041d3a9f2bb25ca5595d727c45180fadfb68f59f98a027e4600a6296a3bbc9fd298d333745fbdac62ee7a6812aa14eaeae0933501f25f0be4442f1fb

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLVJYH5:1dWubF3n9S91BF3fboRJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks