General

  • Target

    gasai.rar

  • Size

    131.2MB

  • MD5

    2e7a8f36236fd45417b2213d0768fa43

  • SHA1

    61ff5dc5ad0981857f5f212fe93742aef33960ae

  • SHA256

    11438a5e03ababdc7aa308a1c82fb1685c58bb0d4b0a7e3b0a2af7a3c28b62f4

  • SHA512

    38254324ef2a2ae591eb8c7618517dc824bc3cde4a709da8a798ab75ddcf711a35bdc85624d47ac693bb3da14193f2ca461163c1b38fa0c4c3a6aa41f68dc9f1

  • SSDEEP

    3145728:Q8s3kUCgZPG1eftBScfPn6MnvvxjgV6QfETIUjlTH7Shb:Q8s3kBkOIfZnjvxUV6QQIUxSh

Score
7/10

Malware Config

Signatures

  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

  • Detects Pyinstaller 1 IoCs
  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

Files

  • gasai.rar
    .rar
  • gasai/Gasai.exe
    .exe windows:5 windows x64 arch:x64

    0bbecc8e9f9f17b0ea9cc3899b15e5cf


  • Gasai.pyc
  • gasai/config.json
  • gasai/crack.dll
    .dll windows:6 windows x64 arch:x64


  • gasai/device_whitelist.json
  • gasai/launcher.exe
    .exe windows:6 windows x64 arch:x64

    3b1f2acaf99643ae95db5789c844503d


  • gasai/login.txt
  • gasai/misc/Direct Message with robio.xyz#0.html
    .js
  • gasai/misc/Geolilte.mmdb
  • gasai/misc/bans.txt
  • gasai/misc/debug_log.txt
  • gasai/misc/friends.txt
  • gasai/misc/gasaiselfbot.png
    .png
  • gasai/misc/img.jpg
    .jpg
  • gasai/misc/mention_delete_log.txt
  • gasai/misc/selfbot_detection_log.txt
  • gasai/misc/spoofed_profiles.json
  • gasai/misc/tags.json
  • gasai/misc/yuno.ico
  • gasai/notifications.json
  • gasai/overseer/aliases.json
  • gasai/overseer/giveaways.json
  • gasai/overseer/mimic_data.json
  • gasai/overseer/server_blacklist.json
  • gasai/overseer/servers.json
  • gasai/overseer/ssh.json
  • gasai/overseer/users.json
  • gasai/overseer/watching.json
  • gasai/overseer/webhooks.json
  • gasai/themes/default_theme.json