General

  • Target

    60db56caadacf13e4faf385faa73aca12f2110555f6f3dbfec30106b8244efce

  • Size

    51KB

  • Sample

    241230-s6n3esymfq

  • MD5

    329955b7ba288805b5368eec28bbdcd0

  • SHA1

    b1e6b56c4ba0723ea14aec23d159e5a6b204017b

  • SHA256

    60db56caadacf13e4faf385faa73aca12f2110555f6f3dbfec30106b8244efce

  • SHA512

    2a34552d67ed64253645828088aeb6374af3f134c5af8cd3b2bea691dd628fc014f429bd3ca214839ccfcd5a43bf3a5fe944fcbe00f6bcf0610e6d5cab59b53e

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLvJYH5:1dWubF3n9S91BF3fbo7JYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family
