General

  • Target

    02109a32d05f084732765813a01626d9ec0259db926681f4bf9f66c644e9439c.exe

  • Size

    51KB

  • Sample

    241118-y77ttazkcp

  • MD5

    fbf1cc344c74bf367bb92c50fdbcbb35

  • SHA1

    24fb4e6b4dfe2ea1eacddb9fb40609e067dc63b3

  • SHA256

    02109a32d05f084732765813a01626d9ec0259db926681f4bf9f66c644e9439c

  • SHA512

    2a2f7085078d1269ea1388e22543f90b89043ebe8c15bf0cc2c3609a7707127ed1026daed370c7dc805d2c95591d11f4cd8c2a64f28d8127c7e93d7be25b1913

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLlJYH55:1dWubF3n9S91BF3fboRJYH55

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family
