Behavioral task: behavioral1
Sample: f3220c30f5d463fcde5731b9bce37a94454603b11a9caa24d91522517538665b.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: f3220c30f5d463fcde5731b9bce37a94454603b11a9caa24d91522517538665b.exe
Resource: win10v2004-20240802-en

General
Target: f3220c30f5d463fcde5731b9bce37a94454603b11a9caa24d91522517538665b
Size: 109KB
MD5: 52ca5061402065f018303d6ea5c7b7d2
SHA1: 8435fd2796ef600afcfaa5fa0d8028c83ae51e2c
SHA256: f3220c30f5d463fcde5731b9bce37a94454603b11a9caa24d91522517538665b
SHA512: 96d6b45d996dfa3de650a643c4c124282188178e1424070948561a17e2b715f56153039f9ed7bb5d47df745cc32cfeed1f9e70f0a4bd3f8eb7e5f370ff874a0a
SSDEEP: 1536:1RF6FQ85LFiGkSzyqzin5SP9cljcfcU9CEw9aINe3z1:1RF6F15h/zIn5S1aj+cU9CEw9aINej1

Malware Config
Signatures

Gh0st RAT payload (1 IoC)
resource: sample, yara_rule: family_gh0strat

Gh0strat family

ACProtect 1.3x - 1.4x DLL software (1 IoC)
Detects file using ACProtect software.
resource: sample, yara_rule: acprotect

Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: f3220c30f5d463fcde5731b9bce37a94454603b11a9caa24d91522517538665b

Files
f3220c30f5d463fcde5731b9bce37a94454603b11a9caa24d91522517538665b.exe windows:6 windows
Headers