Behavioral task
behavioral1
Sample
0452694c18581c3a94f5dde262dc92c14160e4ca95a8c6f61c1eb316827d9100.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0452694c18581c3a94f5dde262dc92c14160e4ca95a8c6f61c1eb316827d9100.exe
Resource
win10v2004-20240802-en
General
-
Target
0452694c18581c3a94f5dde262dc92c14160e4ca95a8c6f61c1eb316827d9100
-
Size
109KB
-
MD5
74a8c8c23a58679e5bb125fabe04f9c1
-
SHA1
186ddbab77c6fb53442050866600674ae1e50e12
-
SHA256
0452694c18581c3a94f5dde262dc92c14160e4ca95a8c6f61c1eb316827d9100
-
SHA512
e22f839fc34d97cf078648b08a60693cb849f7baefd673958b61b511c0e7ee191c70bf5ded632c7010c4fc50673bb0c21810ce83d8bda275399598bec7311055
-
SSDEEP
1536:YF6FQ85LFiGkSzyqzin5SP9cljcfcU9C8Bw9aINe3zz:YF6F15h/zIn5S1aj+cU9C8Bw9aINejz
Malware Config
Signatures
-
Gh0st RAT payload 1 IoCs
resource yara_rule sample family_gh0strat -
Gh0strat family
-
ACProtect 1.3x - 1.4x DLL software 1 IoCs
Detects file using ACProtect software.
resource yara_rule sample acprotect -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0452694c18581c3a94f5dde262dc92c14160e4ca95a8c6f61c1eb316827d9100
Files
-
0452694c18581c3a94f5dde262dc92c14160e4ca95a8c6f61c1eb316827d9100.exe windows:6 windows
Headers