Behavioral task
behavioral1
Sample
527ee91f6013db6e610ae63c1bb5dd3ce903ac974ac5d0f24faeffae1c8d5e5e.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
527ee91f6013db6e610ae63c1bb5dd3ce903ac974ac5d0f24faeffae1c8d5e5e.exe
Resource
win10v2004-20240802-en
General
-
Target
527ee91f6013db6e610ae63c1bb5dd3ce903ac974ac5d0f24faeffae1c8d5e5e
-
Size
109KB
-
MD5
d2cd804d947cb50cf35b1c2d8ee116ba
-
SHA1
92de99619b48b4e43de97b94a8c1a6ad339dd0c8
-
SHA256
527ee91f6013db6e610ae63c1bb5dd3ce903ac974ac5d0f24faeffae1c8d5e5e
-
SHA512
86063c003dcb59e1e26a22fe958d56294d5126c398706b1b13f0652182b7c80e1c6178fd73ad78d44155208c1121566efc49cddb0cf79eaf7f1176e9e1626fd8
-
SSDEEP
1536:X8VF6FQ85LFiGkSzyqzin5SP9cljcfcU9CEw9aINe3zh:OF6F15h/zIn5S1aj+cU9CEw9aINejh
Malware Config
Signatures
-
Gh0st RAT payload 1 IoCs
resource yara_rule sample family_gh0strat -
Gh0strat family
-
ACProtect 1.3x - 1.4x DLL software 1 IoCs
Detects file using ACProtect software.
resource yara_rule sample acprotect -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 527ee91f6013db6e610ae63c1bb5dd3ce903ac974ac5d0f24faeffae1c8d5e5e
Files
-
527ee91f6013db6e610ae63c1bb5dd3ce903ac974ac5d0f24faeffae1c8d5e5e.exe windows:6 windows
Headers