General

  • Target

    e71e205f9c8d546b3440496e753092fb64b935d3a4527cfaee51edd516174755

  • Size

    7.3MB

  • MD5

    777753675a1edbfaa1023c2ad1cfe044

  • SHA1

    eb0263e8965c89a3e39f72915ac6095979e83d4b

  • SHA256

    e71e205f9c8d546b3440496e753092fb64b935d3a4527cfaee51edd516174755

  • SHA512

    e7923a81df8e957d756bfecd1cf4d1f30471397b0876179ea0014f64665f2779cc2aa94a5349525688508d4c50ab4e8f58b210eefd3f58a421795e38f55fc4e1

  • SSDEEP

    98304:sxfruKz0XLzCE0TEWcs5s7SMwzHZ6M1rM/e2l6yFyJfQa4s:azOCE0xZ6M1rGSfQ0

Malware Config

Signatures

  • Gh0st RAT payload (1 IoC)
  • Gh0strat family
  • CryptOne packer (1 IoC)

    Detects CryptOne packer defined in NCC blogpost.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • e71e205f9c8d546b3440496e753092fb64b935d3a4527cfaee51edd516174755
    .exe windows:4 windows x86 arch:x86

    13e1c3269ca7b56cbbb1c9eb16ffd2e8

