gh0strat | 580d5fa80d934c2942645e84034d8f2f644c657c783c5c55efc85f9a3457259a

General

Target

580d5fa80d934c2942645e84034d8f2f644c657c783c5c55efc85f9a3457259a
Size

112KB
MD5

c96bd9ed9f20f109abbb2350687f6fce
SHA1

eef567f4f8d17a68c49ddcc6aede42f31f63aace
SHA256

580d5fa80d934c2942645e84034d8f2f644c657c783c5c55efc85f9a3457259a
SHA512

ed4236151085e092f57798953758989912464bb0fa9254de2440094da3173b8e34c3f8c7f6eaba162d4dbebfdd3db0692cd66ca83554bd23252f2a0c370e2d5a
SSDEEP

3072:PF6F15h/zIn5S1aj+cU9C8Yrgtw9aINej:QFjhLI5SG+Fg9aIA

Score

10^/10

gh0strat

Gh0st RAT payload 1 IoCs

resource	yara_rule
sample	family_gh0strat

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
580d5fa80d934c2942645e84034d8f2f644c657c783c5c55efc85f9a3457259a

580d5fa80d934c2942645e84034d8f2f644c657c783c5c55efc85f9a3457259a
.exe windows:6 windows

Headers