gh0strat | 2c8ddc986d70edca97d6acee84305afa0eb5401086c3e8e375fc74fb1857bb64 | Triage

Sharing

General

Target

2c8ddc986d70edca97d6acee84305afa0eb5401086c3e8e375fc74fb1857bb64
Size

196KB
MD5

bbe706dc16893153a473fdea76fea965
SHA1

f15bf6acc37a35ca39d19debadfc979a3f8f1886
SHA256

2c8ddc986d70edca97d6acee84305afa0eb5401086c3e8e375fc74fb1857bb64
SHA512

6f37ce9eccbdc6eaba96d847a99b95d5c3054d560344a86f45d7511a447e79b6d776d62a0fefb942cbb68d93f36445c5fe1b47b7e0bfb335ec146d9163008690
SSDEEP

3072:EbBiSTYtonc+me4gwWf2VBEOQqFCaezYgek:EbBikPZQecETMCGs

Score

10^/10

gh0strat

Malware Config

Signatures

Gh0st RAT payload 1 IoCs

resource	yara_rule
sample	family_gh0strat

Gh0strat family
gh0strat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c8ddc986d70edca97d6acee84305afa0eb5401086c3e8e375fc74fb1857bb64

Files

2c8ddc986d70edca97d6acee84305afa0eb5401086c3e8e375fc74fb1857bb64
.exe windows:4 windows x86

13ab381dacef214bd7c905ade17ea0aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeResource
CloseHandle
lstrlenA
WriteFile
CreateFileA
FindResourceA
GetProcAddress
LoadLibraryA
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
GetOEMCP
GetACP
GetCPInfo
ReadFile
MultiByteToWideChar
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
GetLastError
FlushFileBuffers
SetFilePointer
GetStdHandle
WideCharToMultiByte
GetModuleFileNameA
VirtualFree
VirtualAlloc
HeapReAlloc
SetStdHandle
GetStringTypeW

msvcrt

??1type_info@@UAE@XZ
??3@YAXPAX@Z
_onexit
__dllonexit
_CxxThrowException
_CIpow
__CxxFrameHandler
??2@YAPAXI@Z

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ