General

  • Target

    78ca757b157ea294f93e0275f880d47f2cebb5771ca498455271d92ea15dede9

  • Size

    51KB

  • Sample

    250405-rzjzfsslv3

  • MD5

    f0e4f52f78ecaff28d487bcf7935d06b

  • SHA1

    67f03b3f0fded753ee4ea2116df0991bd9ea0632

  • SHA256

    78ca757b157ea294f93e0275f880d47f2cebb5771ca498455271d92ea15dede9

  • SHA512

    063eebec5ddd2eeacf9e655853acfb344c43702931ec6787b3eeeafc5fa8e4af9f9e6c27ca397d32058347b2260632acf3c4ff1620aae8bb66df33c81bcff1a3

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLYJYH5:1dWubF3n9S91BF3fboMJYH5

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

kinh.xmcxmr.com

Targets

    • Target

      78ca757b157ea294f93e0275f880d47f2cebb5771ca498455271d92ea15dede9

    • Size

      51KB

    • MD5

      f0e4f52f78ecaff28d487bcf7935d06b

    • SHA1

      67f03b3f0fded753ee4ea2116df0991bd9ea0632

    • SHA256

      78ca757b157ea294f93e0275f880d47f2cebb5771ca498455271d92ea15dede9

    • SHA512

      063eebec5ddd2eeacf9e655853acfb344c43702931ec6787b3eeeafc5fa8e4af9f9e6c27ca397d32058347b2260632acf3c4ff1620aae8bb66df33c81bcff1a3

    • SSDEEP

      1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLYJYH5:1dWubF3n9S91BF3fboMJYH5

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

    • Gh0strat family

MITRE ATT&CK Enterprise v15

Tasks