General

  • Target

    6a1069695546a9e0e2ad0ab1f489fd78372de57dcac480c6ea7e03368682764d

  • Size

    51KB

  • Sample

    241110-r8xa5sykdv

  • MD5

    5f6b0d6994ba8e7e6e220f846c4c1ed1

  • SHA1

    87c7abb11c5d8676cf338be2678d02427219c1b4

  • SHA256

    6a1069695546a9e0e2ad0ab1f489fd78372de57dcac480c6ea7e03368682764d

  • SHA512

    7debf4b1f07bd48e0bde3b21311c908d16978545d625b77ce800f23f31012b6fa84291103fb9860c9147ed617dc709f8f3fa3d0c64dbf3c643a6e4f33b5dbf60

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLpJYH5:1dWubF3n9S91BF3fbo1JYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family
