General

  • Target

    23fb8b093a3f5f73383792cc881b7c0ec2d2fce88227c9074086a603e664c4ec

  • Size

    51KB

  • Sample

    241230-s44ebsymbq

  • MD5

    9147bbab100ab2085e49b1657917f1fc

  • SHA1

    23dff29907b0e87019363d20dfb8959f5788e8a5

  • SHA256

    23fb8b093a3f5f73383792cc881b7c0ec2d2fce88227c9074086a603e664c4ec

  • SHA512

    156214c5214b4fc3196b48ea49c593b759daf7aa2cc36b46d9cd5c2d7980c382b4f9f3f808bb95b477335218b2853ee3f09b2696c504b77a613bc97a1518dcd4

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL8JYH5:1dWubF3n9S91BF3fboQJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      23fb8b093a3f5f73383792cc881b7c0ec2d2fce88227c9074086a603e664c4ec

    • Size

      51KB

    • MD5

      9147bbab100ab2085e49b1657917f1fc

    • SHA1

      23dff29907b0e87019363d20dfb8959f5788e8a5

    • SHA256

      23fb8b093a3f5f73383792cc881b7c0ec2d2fce88227c9074086a603e664c4ec

    • SHA512

      156214c5214b4fc3196b48ea49c593b759daf7aa2cc36b46d9cd5c2d7980c382b4f9f3f808bb95b477335218b2853ee3f09b2696c504b77a613bc97a1518dcd4

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL8JYH5:1dWubF3n9S91BF3fboQJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

    • Gh0strat family

MITRE ATT&CK Enterprise v15

Tasks