General

  • Target

    ea41205ffaa7b70b48672874dbdff5cd080b9af44c51487ab30bc361eebf16ba

  • Size

    1.3MB

  • MD5

    07056e507f43aadea1eb5a75e0446d12

  • SHA1

    563bc6a858f9e4d65e36ba4cea3089e0797ce85d

  • SHA256

    ea41205ffaa7b70b48672874dbdff5cd080b9af44c51487ab30bc361eebf16ba

  • SHA512

    fc4267ac829beab052dfaa3446f674d8f73c28b2d024c9e56149dc3f85496a11b4362d48e7e9d493b518e1ca1a135a8b209d88de8f84eebfd0212b71a220c650

  • SSDEEP

    24576:lJNMhuvVDL87GQiga0CrwZ9mvuefA0V8MlK6B2fr4M5AncIrP/MtR5tDV/V:3Y7BV

Score
10/10

Malware Config

Signatures

  • Gh0st RAT payload 1 IoCs
  • Gh0strat family
  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ea41205ffaa7b70b48672874dbdff5cd080b9af44c51487ab30bc361eebf16ba
    .dll windows:4 windows x86 arch:x86

