gh0strat | 6bce8240281efa6b4eb4992df1c29a578667975c7663acc48320742e91fc0f21

General

Target

6bce8240281efa6b4eb4992df1c29a578667975c7663acc48320742e91fc0f21
Size

109KB
MD5

b3e6a1424b3853a6c287740fdcd78123
SHA1

a111b0b335b284f1f7b1860f19e9d0086c7339a8
SHA256

6bce8240281efa6b4eb4992df1c29a578667975c7663acc48320742e91fc0f21
SHA512

5c45a9e16d83093874cec42f776fe9fe6af6854fbe7b05257ca384b258358f6b4417c27b057f5e7c4a9a2eb24afb7a65252ec24f53959896a29086a907dac80a
SSDEEP

3072:uF6F15h/zIn5S1aj+cU9C8ugGw9aINeja:NFjhLI5SG+F59aIA2

Score

10^/10

gh0strat

Gh0st RAT payload 1 IoCs

resource	yara_rule
sample	family_gh0strat

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6bce8240281efa6b4eb4992df1c29a578667975c7663acc48320742e91fc0f21

6bce8240281efa6b4eb4992df1c29a578667975c7663acc48320742e91fc0f21
.exe windows:6 windows

Headers