General

  • Target

    da0462ba12064a78cf3ac3eeb403200a9598a48cc947d83ac68110bb1b34dcec

  • Size

    51KB

  • Sample

    241109-zd66vssakg

  • MD5

    9568604b0c5a905aa10789c9c6cba304

  • SHA1

    b25ae9043da02fcd4d8808096f52789553523928

  • SHA256

    da0462ba12064a78cf3ac3eeb403200a9598a48cc947d83ac68110bb1b34dcec

  • SHA512

    bf1069dad52a13f4fdf9c1c250fb0f036a3385325ac862fe5a67c937f666ec8f883436a1aa98dca5b66600c3cd95e8b84b9540e11cb8b2d3f0eefa44ad28e8a5

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLfJYH5:1dWubF3n9S91BF3fbozJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      da0462ba12064a78cf3ac3eeb403200a9598a48cc947d83ac68110bb1b34dcec

    • Size

      51KB

    • MD5

      9568604b0c5a905aa10789c9c6cba304

    • SHA1

      b25ae9043da02fcd4d8808096f52789553523928

    • SHA256

      da0462ba12064a78cf3ac3eeb403200a9598a48cc947d83ac68110bb1b34dcec

    • SHA512

      bf1069dad52a13f4fdf9c1c250fb0f036a3385325ac862fe5a67c937f666ec8f883436a1aa98dca5b66600c3cd95e8b84b9540e11cb8b2d3f0eefa44ad28e8a5

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLfJYH5:1dWubF3n9S91BF3fbozJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

    • Gh0strat family

MITRE ATT&CK Enterprise v15

Tasks