General

  • Target

    5779fc1aadf1d1214cdb3b680e9f7e1a8cf861d9f80068448afc979f22d2b0a2

  • Size

    51KB

  • Sample

    241230-tasamsyngq

  • MD5

    611a833ae671dde71c6bd480ccbeede4

  • SHA1

    1e316ad6aa7ea4cec027c8933ddf42109d47f9e6

  • SHA256

    5779fc1aadf1d1214cdb3b680e9f7e1a8cf861d9f80068448afc979f22d2b0a2

  • SHA512

    f20e7217e63ae3c754b245115b4193a42594a169a8f5b2403424b30091415fadece845e4f82b72fa0614224711729a533e1b7e44c7f791cd07d061f01ac88d4f

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLPJYH5:1dWubF3n9S91BF3fboTJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      5779fc1aadf1d1214cdb3b680e9f7e1a8cf861d9f80068448afc979f22d2b0a2

    • Size

      51KB

    • MD5

      611a833ae671dde71c6bd480ccbeede4

    • SHA1

      1e316ad6aa7ea4cec027c8933ddf42109d47f9e6

    • SHA256

      5779fc1aadf1d1214cdb3b680e9f7e1a8cf861d9f80068448afc979f22d2b0a2

    • SHA512

      f20e7217e63ae3c754b245115b4193a42594a169a8f5b2403424b30091415fadece845e4f82b72fa0614224711729a533e1b7e44c7f791cd07d061f01ac88d4f

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLPJYH5:1dWubF3n9S91BF3fboTJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

    • Gh0strat family

MITRE ATT&CK Enterprise v15

Tasks