General

  • Target

    c8273237c956d84b21ad8ec1616870e01b1fc3af503b4d518ffa3ef7dfe670db

  • Size

    51KB

  • Sample

    241230-yl7lxswlbj

  • MD5

    3eab66c3238e1d30eaf9ef0ef59fa795

  • SHA1

    1e9c19b135be5520f75bae26b17d1327a9c9ce13

  • SHA256

    c8273237c956d84b21ad8ec1616870e01b1fc3af503b4d518ffa3ef7dfe670db

  • SHA512

    58a0db969e58513344a3ce9b4ac779c381cfd058cea6794652cc48a61c6250189d8bba990fa1e3e7c435b5a177bd0c47d211a42ce06e3d87a89994603ca7c975

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL2JYH5:1dWubF3n9S91BF3fboCJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family
