General

  • Target

    35bf6109d1742336bf03ac091e9435139569cde9ac39896fbdf8febec0e48329

  • Size

    51KB

  • Sample

    240623-wchkbssakm

  • MD5

    d03dedaa2d6d67e285efe6f7b1ea3f17

  • SHA1

    e62c42b92cb76cf2e5e74092d865836103bc9dbe

  • SHA256

    35bf6109d1742336bf03ac091e9435139569cde9ac39896fbdf8febec0e48329

  • SHA512

    491ad7d2f67e2ea6c9dc568dd7b0f6cd5f3be01ba98ab918471a2800680a0913a0f6c4cc479f356a75dc3e422dffc0e30a548cfdc845e00b4573c865c2d6cbec

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL+fJYH5:1dWubF3n9S91BF3fbocJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      35bf6109d1742336bf03ac091e9435139569cde9ac39896fbdf8febec0e48329

    • Size

      51KB

    • MD5

      d03dedaa2d6d67e285efe6f7b1ea3f17

    • SHA1

      e62c42b92cb76cf2e5e74092d865836103bc9dbe

    • SHA256

      35bf6109d1742336bf03ac091e9435139569cde9ac39896fbdf8febec0e48329

    • SHA512

      491ad7d2f67e2ea6c9dc568dd7b0f6cd5f3be01ba98ab918471a2800680a0913a0f6c4cc479f356a75dc3e422dffc0e30a548cfdc845e00b4573c865c2d6cbec

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL+fJYH5:1dWubF3n9S91BF3fbocJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

MITRE ATT&CK Matrix

Tasks