gh0strat | a47a6dacc5cbde1e09b3f28f3b8d5a69b03c49804301c891468288f7d1399307 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a47a6dacc5cbde1e09b3f28f3b8d5a69b03c49804301c891468288f7d1399307
Size

634KB
MD5

6400fefec946a51cfc3f694e1c76bfc0
SHA1

9fc68557364c8638a87475b3646d19d3bfb5e24c
SHA256

a47a6dacc5cbde1e09b3f28f3b8d5a69b03c49804301c891468288f7d1399307
SHA512

85e60d0839a69487ebad40484fb9d729970a1269165a8d175bfa7c33fdc00c4333e9b679150b686ddec47e9d693352023af32d13ba9eac17340df267f794636f
SSDEEP

12288:XcjrLQhTeGDF1r+TStBXvWyZ4uVNedGlH4M5ZLFPMdCR:XcjeTeGDF1r+TStBXhZPVNXJ4M5ZJkd

Score

10^/10

gh0strat

Malware Config

Signatures

Gh0st RAT payload 1 IoCs

resource	yara_rule
sample	family_gh0strat

Gh0strat family
gh0strat

Files

a47a6dacc5cbde1e09b3f28f3b8d5a69b03c49804301c891468288f7d1399307
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 487KB - Virtual size: 486KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 34KB - Virtual size: 502KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��к��
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE