General
- Target: 3428-40-0x0000000010000000-0x000000001001C000-memory.dmp
- Size: 112KB
- MD5: 898d5c0b0651762deafb49b9f04ac734
- SHA1: c62e327f19919dc50b9b5e8e6db7e6a3dd745cc8
- SHA256: 37b59d258b7ee3c39d10eff7b426941d54bff2eab82331e173ae5d99ed0b06b8
- SHA512: 1d139b67fa5eefad5cf15f0fb5ed35ea304bfd4c5d1429cede01cd47f0ec9b0f308985a30b501d386d15614b5ea9daab9552aaf3ff2eaf6ace9448b92e20497b
- SSDEEP: 1536:7F6FQ85LFiGkSzyqzin5SP9cljcfcU9CEw9aINe3z:7F6F15h/zIn5S1aj+cU9CEw9aINej
Score: 10/10
Malware Config
Signatures
- Gh0st RAT payload (1 IoCs)
  resource yara_rule sample family_gh0strat
- Gh0strat family
- ACProtect 1.3x - 1.4x DLL software (1 IoCs)
  Detects file using ACProtect software.
  resource yara_rule sample acprotect
- Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  resource 3428-40-0x0000000010000000-0x000000001001C000-memory.dmp
Files
- 3428-40-0x0000000010000000-0x000000001001C000-memory.dmp.exe windows:6 windows
Headers