General

  • Target

    5be4c82cc79327b946e3123a99d6e4826205f5e6134e7305d41ea821f9fabccf

  • Size

    51KB

  • Sample

    241031-hr8heatrcp

  • MD5

    73854696458474c410274be0455001e9

  • SHA1

    bf352d6646b87739e193ba58b8bd1f2bb3681bd6

  • SHA256

    5be4c82cc79327b946e3123a99d6e4826205f5e6134e7305d41ea821f9fabccf

  • SHA512

    f86e60a73d2ffd8ba65bf2eb7f19c3507543821f39bc93a19b5497b1d88550f6c572fab55432611b7a8906fad6f4bd586135bc42e6b1a0d9e3547ff8be7871f3

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLoJYH5:1dWubF3n9S91BF3fbocJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      5be4c82cc79327b946e3123a99d6e4826205f5e6134e7305d41ea821f9fabccf

    • Size

      51KB

    • MD5

      73854696458474c410274be0455001e9

    • SHA1

      bf352d6646b87739e193ba58b8bd1f2bb3681bd6

    • SHA256

      5be4c82cc79327b946e3123a99d6e4826205f5e6134e7305d41ea821f9fabccf

    • SHA512

      f86e60a73d2ffd8ba65bf2eb7f19c3507543821f39bc93a19b5497b1d88550f6c572fab55432611b7a8906fad6f4bd586135bc42e6b1a0d9e3547ff8be7871f3

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLoJYH5:1dWubF3n9S91BF3fbocJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

    • Gh0strat family

MITRE ATT&CK Enterprise v15

Tasks