Overview

overview

10

Static

static

10

eb55812aa6...18.dll

windows7-x64

8

eb55812aa6...18.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    eb55812aa6bc798f6e1c870c0d0728b7_JaffaCakes118

  • Size

    47KB

  • MD5

    eb55812aa6bc798f6e1c870c0d0728b7

  • SHA1

    936966c3f95d4ab09489a31587d903c2f43a994b

  • SHA256

    388fcaddc064e8b643c5b13a92637d4000d49480276695e1da0a8c52cf5815c5

  • SHA512

    26261daf9f7d4b4887e6322bccdbe2ca1776869a2a3b3417119b02893b73bc4b712d7d3f910426fd852e5fb567e3704cfccddb7b09d1ca5c8a66f7c753f666ca

  • SSDEEP

    768:ywDLAK4OJUtBFKn1sJgfoP6J9oQX0TUVL//dvOb1WJnzmbQISDczxwu/+fK:ywDLAK4OWFK1ugQP6wQkIVbl0AIMjc+i

Score
10/10
upxgh0strat

Malware Config

Signatures

  • Gh0st RAT payload 1 IoCs
  • Gh0strat family
    gh0strat
  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • eb55812aa6bc798f6e1c870c0d0728b7_JaffaCakes118
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections