General

  • Target

    e67e993f389fbf1e154720abba6f4a8d0c48b832b2d659d5258cabbd6f71dc4b

  • Size

    51KB

  • Sample

    241109-zd2w5ssakk

  • MD5

    dc8b68c3b678b69cce4e8ee5f6d60e5b

  • SHA1

    0d460a99baeb10ff30dd0963162471a662a68514

  • SHA256

    e67e993f389fbf1e154720abba6f4a8d0c48b832b2d659d5258cabbd6f71dc4b

  • SHA512

    946eaa5e4c98f26d54178f5fa325dbcc14b26eed6a897a788f749d21aa36df2e960bd026aae630fbef3ff3636313a110574ca8a66278ab0e15e3c11e38e26335

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLZJYH5:1dWubF3n9S91BF3fbodJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      e67e993f389fbf1e154720abba6f4a8d0c48b832b2d659d5258cabbd6f71dc4b

    • Size

      51KB

    • MD5

      dc8b68c3b678b69cce4e8ee5f6d60e5b

    • SHA1

      0d460a99baeb10ff30dd0963162471a662a68514

    • SHA256

      e67e993f389fbf1e154720abba6f4a8d0c48b832b2d659d5258cabbd6f71dc4b

    • SHA512

      946eaa5e4c98f26d54178f5fa325dbcc14b26eed6a897a788f749d21aa36df2e960bd026aae630fbef3ff3636313a110574ca8a66278ab0e15e3c11e38e26335

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLZJYH5:1dWubF3n9S91BF3fbodJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

    • Gh0strat family

MITRE ATT&CK Enterprise v15

Tasks