General

  • Target

    54daa7c70cf37d5715e5f2f1ad0a0717932e387e13fc0d417eaff28a53d39abf

  • Size

    42KB

  • MD5

    38933fda6fcd34924a3207b29ffc9126

  • SHA1

    2651dc57474ece27e992eb78f2b97b985f7e9509

  • SHA256

    54daa7c70cf37d5715e5f2f1ad0a0717932e387e13fc0d417eaff28a53d39abf

  • SHA512

    d2c6e239ee6e00ce7a04f8b83de306acec75306e6509afb2a2be9d5a66157e1fcc6435f928a6b9fd563f51511c29dedd95f77deb54feb8d06913a754d31bd499

  • SSDEEP

    768:kWiCBj8UfOCSzU19h4hFP51I0GUcy0Myeiw5+sGhrmmicdhy4E+:Hr8U9lvKH5S0Au+ZVjiKX

Score
10/10

Malware Config

Signatures

  • Gh0st RAT payload (1 IoC)
  • Gh0strat family
  • ACProtect 1.3x - 1.4x DLL software (1 IoC)

    Detects file using ACProtect software.

  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • 54daa7c70cf37d5715e5f2f1ad0a0717932e387e13fc0d417eaff28a53d39abf
    .dll windows:4 windows x86 arch:x86



  • out.upx
    .dll windows:4 windows x86 arch:x86

