6059c8ff3647cb28c44756ab494b64c44f61481515a498266fdc5e9804a49cb3 | Triage

Submit
Reports

Overview

overview

Static

static

6059c8ff36...b3.exe

windows7-x64

6059c8ff36...b3.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

6059c8ff3647cb28c44756ab494b64c44f61481515a498266fdc5e9804a49cb3.exe

Resource

win7-20220901-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

6059c8ff3647cb28c44756ab494b64c44f61481515a498266fdc5e9804a49cb3.exe

Resource

win10v2004-20220812-en

gh0strat evasion rat

windows10-2004-x64

8 signatures

150 seconds

General

Target

6059c8ff3647cb28c44756ab494b64c44f61481515a498266fdc5e9804a49cb3
Size

212KB
MD5

0f1e0f24b67c6157bb417794f9a1e352
SHA1

121f6ea1de9c353d8e7d678f46a300a03568ff83
SHA256

6059c8ff3647cb28c44756ab494b64c44f61481515a498266fdc5e9804a49cb3
SHA512

1de931e6f95c8bcb262f2e3427e389e05cf7dc6a91ada3c3c94456beded8f60421a307f6a57d706c9c53a2bd5a359a2d8237b1319757e212c8017909d9b4a7a1
SSDEEP

3072:MQOtrvdduTb5J2k6+ildJkApvD+fG5xnJhhUHYZsIP5m5a6lnvjRwYgV:MQuVduL2oixOGhJZ2z

Score

N/A

Malware Config

Signatures

Files

6059c8ff3647cb28c44756ab494b64c44f61481515a498266fdc5e9804a49cb3
.exe windows x86

c01281239717fc17ddea4a3db0d1e5b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
VirtualAlloc
Sleep
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
LockResource
LoadResource
SizeofResource
FindResourceA
MoveFileA
DeleteFileA
GetModuleFileNameA
GetStartupInfoA
GetModuleHandleA

user32

wsprintfA

shell32

ShellExecuteA

msvcrt

??3@YAXPAX@Z
memcpy
memset
realloc
free
??2@YAPAXI@Z
strlen
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_stricmp

urlmon

URLDownloadToFileA

Exports

Exports

Ip

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 203KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jwdbmmj
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy