gh0strat | f8ba0ae0776c91e8e736762008edbe09fdb225e58c6817248cba8380988d3b8b

General

Target

f8ba0ae0776c91e8e736762008edbe09fdb225e58c6817248cba8380988d3b8b
Size

112KB
MD5

064b912f45e6f39acc6d831758e867e9
SHA1

51f32ab421be76a8da32fcafe0cdaa2002d3ddd4
SHA256

f8ba0ae0776c91e8e736762008edbe09fdb225e58c6817248cba8380988d3b8b
SHA512

9a795a84bfa4861f2ba44f90a9b76cb0269b753c034aa5e8250e3e877402524ed38279314fca9444b1423ef6d0f9d5c5470e91b5ea2488d58e3cc3c11a831993
SSDEEP

3072:RF6F15h/zIn5S1aj+cU9C879gLw9aINej:yFjhLI5SG+FF9aIA

Score

10^/10

gh0strat

Gh0st RAT payload 1 IoCs

resource	yara_rule
sample	family_gh0strat

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f8ba0ae0776c91e8e736762008edbe09fdb225e58c6817248cba8380988d3b8b

f8ba0ae0776c91e8e736762008edbe09fdb225e58c6817248cba8380988d3b8b
.exe windows:6 windows

Headers