gh0strat | e25cd58bba3e6921384d7e58269376cf4a2d55c76662836a7f5a3a0dcfa16256

General

Target

e25cd58bba3e6921384d7e58269376cf4a2d55c76662836a7f5a3a0dcfa16256
Size

112KB
MD5

a9d378dc0fde07c19636b9cdda52fd10
SHA1

c509caa482b278236119e66bd7d8cab4eb0ba7ca
SHA256

e25cd58bba3e6921384d7e58269376cf4a2d55c76662836a7f5a3a0dcfa16256
SHA512

ab0c3825fbd9f7443467fbb4a056659ab0a9e22020c892e93a7da11b99a9a83845ef9e9454dde5e89b27eb0f00c35e813c194eb5f892ae42099f4fa2ca905e5f
SSDEEP

3072:CF6F15h/zIn5S1aj+cU9C8DIgOw9aINej:ZFjhLI5SG+Fj9aIA

Score

10^/10

gh0strat

Gh0st RAT payload 1 IoCs

resource	yara_rule
sample	family_gh0strat

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e25cd58bba3e6921384d7e58269376cf4a2d55c76662836a7f5a3a0dcfa16256

e25cd58bba3e6921384d7e58269376cf4a2d55c76662836a7f5a3a0dcfa16256
.exe windows:6 windows

Headers