Overview

overview

10

Static

static

10

df98afdbe6...f3.dll

windows7-x64

1

df98afdbe6...f3.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    df98afdbe636444e2391b1e2ae26b1f1a48cb9f1a0a097c00504f853dd056df3.bin

  • Size

    1.5MB

  • MD5

    b6faab2cb950ec82e77d691cae6629fc

  • SHA1

    74110d0c2d1b8a8b1fdf39c0f991df75cdc2ed27

  • SHA256

    df98afdbe636444e2391b1e2ae26b1f1a48cb9f1a0a097c00504f853dd056df3

  • SHA512

    a0d7ec2c4b59b425e5bbc1a8596670530000e27a1e4292e279623b263adfea9f57f8387553a805e85e477cd384f1481d04453da7d2098bb0e0aa602ee8050101

  • SSDEEP

    24576:BJunaIn7Rac+I8Sijva1BsSx65M5WbUg/n3MtRldzFR0:BA/zR0

Score
10/10
upxgh0strat

Malware Config

Signatures

  • Gh0st RAT payload 1 IoCs
  • Gh0strat family
    gh0strat
  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • df98afdbe636444e2391b1e2ae26b1f1a48cb9f1a0a097c00504f853dd056df3.bin
    .dll windows x86


    Headers

    Exports

    Sections