General

  • Target

    26575d002c7a39f48d3bd71b789c3a429e01d4e349d2f2392a8e12e392bb88bc

  • Size

    51KB

  • Sample

    241109-zdyvgsvjhm

  • MD5

    0e7231eb73c79ce3335257be31022158

  • SHA1

    08b561e42912cc85643a4924696bce46883cdadb

  • SHA256

    26575d002c7a39f48d3bd71b789c3a429e01d4e349d2f2392a8e12e392bb88bc

  • SHA512

    c81da32d8390290004f5ebfc5f4a9c597bab65364f6e5023b8c7b1bfa7b4b94043897a0519ce2ba7727c75bc643d5155f068c1d099eaf8d0e7fe43237db346e1

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL8JYH5:1dWubF3n9S91BF3fboYJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family
