gh0strat | cb53f8bd8afdef36e62e7be3d89a47b83a080aaf260ef8cde7e0b83765a48ade | Triage

Sharing

General

Target

cb53f8bd8afdef36e62e7be3d89a47b83a080aaf260ef8cde7e0b83765a48ade
Size

141KB
MD5

e1a45ec41c816215260873272df1143e
SHA1

2004bbe3196efe8bbde72255f4b131db804f6893
SHA256

cb53f8bd8afdef36e62e7be3d89a47b83a080aaf260ef8cde7e0b83765a48ade
SHA512

ffc2fff8c7e6d8cecae93704a1930efbbee7d71c02c0c9bde56a8b4f7f8c0da7212b815ffeadd349b705b8d28f8add21321ea3e1fbc3f2eaee2a486b807076be
SSDEEP

3072:W9+yMKlrBOTI8h7UVuRh/DBiEQcaKPmcDsYHZa:WI0OTI0UQLDw8aimcQY4

Score

10^/10

gh0strat

Malware Config

Signatures

Gh0st RAT payload 1 IoCs

resource	yara_rule
sample	family_gh0strat

Gh0strat family
gh0strat

Files

cb53f8bd8afdef36e62e7be3d89a47b83a080aaf260ef8cde7e0b83765a48ade
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ