General

  • Target

    d8374fad5745aacc5296d8fed256b78d15553c8a3b54467300a245591743cf0e.exe

  • Size

    51KB

  • Sample

    241230-wrgataslej

  • MD5

    9a2700c867f3c11f35525109ce2ea9fb

  • SHA1

    e75b8f020f59f28f308029a32995857b07357332

  • SHA256

    d8374fad5745aacc5296d8fed256b78d15553c8a3b54467300a245591743cf0e

  • SHA512

    7fbe501d22114069baa20e121a3419e58014522a4812210e0959af677695ded0196ec487f2ddf6fefa91d5a46e742762cac697aa4cd7eb85c5f7323b57ad4dd1

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLYJYH5R:1dWubF3n9S91BF3fboEJYH5R

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family
