ghostm47568[.]exe | Triage

Sharing

General

Target

ghostm47568.exe
Size

761KB
MD5

a32ef83808036941c73fb567a2a63a43
SHA1

20d735d51b1d9397a69957c20ef54b3f67b97d8f
SHA256

0b6787b9226255086a296198f8075b09bef790ebce89c8b3020f9ca2e3ea859f
SHA512

c8b44ae2fd118b060c61c924970952f3a5ede3cc9341649b316aac97161a0db5ab61f3a320f0bf72b54d46386518f72d765d3959320ab209b565f04104045d1e
SSDEEP

12288:V8chkVgEgL7hkrcltFXl76t8i/8QK1ox2Qewr0Gjag64JSp:6chqgNlkktdl76t8i41dwr0GjhSp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ghostm47568.exe

Files

ghostm47568.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 752KB - Virtual size: 752KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ