Overview

overview

10

Static

static

10

NEAS.12c9a...20.exe

windows7-x64

10

NEAS.12c9a...20.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    NEAS.12c9a045bc7bbdd29d3a979dce243b20.exe

  • Size

    288KB

  • MD5

    12c9a045bc7bbdd29d3a979dce243b20

  • SHA1

    db2088cc9655f15c8874aa046fbd5c868cc6afda

  • SHA256

    664232dada5918520e94c1c8dab1cb28c773dc7dcd9643ca682b419306eaebf5

  • SHA512

    07f41aad5dce1c530be59f31d9dad4b51e98dc6e28a96ccf0a9559f3d0390609776d90aa88ebfebee4bf4332adfa03dd2873159ab7c128c8e245b051b9b9f884

  • SSDEEP

    3072:6oUGzRVHgCcnV5j9j0lvil2NnGfNGHqRy1zkeS1FpTa3q5tJHUtaoK8OCOwiWAo1:wGzRxSVtp0l6whGfsKR+zkBpTaa5tJHS

Score
10/10
upxgh0strat

Malware Config

Signatures

  • Gh0st RAT payload 1 IoCs
  • Gh0strat family
    gh0strat
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • NEAS.12c9a045bc7bbdd29d3a979dce243b20.exe
    .exe windows:4 windows x86


    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86


    Headers

    Sections