General

  • Target

    043d89584a31a67562ba473bd24f259809d125424768e26507409ff97c0d44fc

  • Size

    51KB

  • Sample

    241230-yl3yqswlap

  • MD5

    1188e85699b5eb6d9265b0c3d173e970

  • SHA1

    57a72169fd613ea2aac54f9bbc007f6908f35fe8

  • SHA256

    043d89584a31a67562ba473bd24f259809d125424768e26507409ff97c0d44fc

  • SHA512

    5cedad141d56bbf3e5921333c9f5cf1d4952ad5e15d7373f350c00060f1154d8f30c9935866613425f7382fe2dbc80b102ab01e6d57a4ff224e135bafe2380a4

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLOJYH5:1dWubF3n9S91BF3fboCJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      043d89584a31a67562ba473bd24f259809d125424768e26507409ff97c0d44fc

    • Size

      51KB

    • MD5

      1188e85699b5eb6d9265b0c3d173e970

    • SHA1

      57a72169fd613ea2aac54f9bbc007f6908f35fe8

    • SHA256

      043d89584a31a67562ba473bd24f259809d125424768e26507409ff97c0d44fc

    • SHA512

      5cedad141d56bbf3e5921333c9f5cf1d4952ad5e15d7373f350c00060f1154d8f30c9935866613425f7382fe2dbc80b102ab01e6d57a4ff224e135bafe2380a4

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLOJYH5:1dWubF3n9S91BF3fboCJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

    • Gh0strat family

MITRE ATT&CK Enterprise v15

Tasks