General

  • Target

    a5f9cc78fc2b9199aeddf407eae2ce5c724cf9dd7b906032ae63fd06e79bd4ba

  • Size

    51KB

  • Sample

    241113-bpn8esvanr

  • MD5

    747ed166d90b90b23c1cbe046cc8079b

  • SHA1

    0cda5ebba2ea12b8b2713f99d4f34b386257abbe

  • SHA256

    a5f9cc78fc2b9199aeddf407eae2ce5c724cf9dd7b906032ae63fd06e79bd4ba

  • SHA512

    7b04544b2111ecd50e626e0eda9f1a0c2a88d318b9e8bd710e8e251b6edd9a86a2754bc6f478ae14a901af9d0218d1dce22eefc57492828fa5641c60f1f151e1

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLmJYH5:1dWubF3n9S91BF3fboqJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      a5f9cc78fc2b9199aeddf407eae2ce5c724cf9dd7b906032ae63fd06e79bd4ba

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family
