Overview

overview

8

Static

static

3

CyberGhost...94.rar

windows7-x64

CyberGhost...94.rar

windows10-2004-x64

CyberGhost...H2.exe

windows7-x64

8

CyberGhost...H2.exe

windows10-2004-x64

8

CyberGhost...eg.dat

windows7-x64

CyberGhost...eg.dat

windows10-2004-x64

CyberGhost...ip.dll

windows7-x64

1

CyberGhost...ip.dll

windows10-2004-x64

1

CyberGhost...CE.zip

windows7-x64

1

CyberGhost...CE.zip

windows10-2004-x64

1

CyberGhost...er.exe

windows7-x64

8

CyberGhost...er.exe

windows10-2004-x64

8

CyberGhost...eg.dat

windows7-x64

3

CyberGhost...eg.dat

windows10-2004-x64

3

CyberGhost...as.exe

windows7-x64

8

CyberGhost...as.exe

windows10-2004-x64

1

CyberGhost...ti.dat

windows7-x64

CyberGhost...ti.dat

windows10-2004-x64

3

CyberGhost...ti.dat

windows7-x64

3

CyberGhost...ti.dat

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    CyberGhost VPN 7.2.4294.rar

  • Size

    580KB

  • MD5

    f3246866d8760c807ec6a8660f012bda

  • SHA1

    6de5b2992f6c10a39d0c51560486b037270f1ffc

  • SHA256

    0042d0470d1f1dd3b29c15c1875ee9367c265f68319947f07e9a7784d95a69fa

  • SHA512

    2e792969df57fda3385e45d6f6e1b6aa976adf1f2dc479e9a04e44b224341d1c16c9deaea08dfea6e92588bafcdad731af702afeab0517ba93a49972e204c476

  • SSDEEP

    12288:u5NOn+5kOn+5DS/UPrwzpQDt9EZv9HbDQivYd6GjQGOaIUpk85mLXkPR:ONEckEcD2WiQRaRQivYd9MnaIUf5mi

Score
3/10

Malware Config

Signatures

  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

Files

  • CyberGhost VPN 7.2.4294.rar
    .rar
  • CyberGhost VPN 7.2.4294/CyberGhost VPN 7.2.4294/cgsetup_en_nKwmL3CyQuXBCvjTVGH2.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • CyberGhost VPN 7.2.4294/CyberGhost VPN 7.2.4294/compreg.dat
  • CyberGhost VPN 7.2.4294/CyberGhost VPN 7.2.4294/skci/Ionic.Zip.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • CyberGhost VPN 7.2.4294/CyberGhost VPN 7.2.4294/skci/LICENCE.dat
    .zip
  • CyberGhost VPN 7.2.4294/CyberGhost VPN 7.2.4294/skci/Launcher.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • CyberGhost VPN 7.2.4294/CyberGhost VPN 7.2.4294/skci/compreg.dat
  • CyberGhost VPN 7.2.4294/CyberGhost VPN 7.2.4294/skci/sas.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • CyberGhost VPN 7.2.4294/CyberGhost VPN 7.2.4294/skci/xpti.dat
  • CyberGhost VPN 7.2.4294/CyberGhost VPN 7.2.4294/xpti.dat