Overview

overview

10

Static

static

10

49ba10220a...16.exe

windows7-x64

49ba10220a...16.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    49ba10220a4293d91c66fb0dc551c3adea5253cb2204e8f2381095808a0b5a16

  • Size

    109KB

  • MD5

    778a218a200d71e736055111ec49cf3f

  • SHA1

    97eb92f3504ea15637e923d1962ca2cc2cd9f385

  • SHA256

    49ba10220a4293d91c66fb0dc551c3adea5253cb2204e8f2381095808a0b5a16

  • SHA512

    c279e0a6b1762534d090ea09129bbea9d5eb39c6ef9ee9ba560544d0e7b22bbe1c8d4a39cb98b9c9af3b96eec077027d6afb775fd34c4cd68f8c1158cc35bd8e

  • SSDEEP

    1536:bF6FQ85LFiGkSzyqzin5SP9cljcfcU9CEw9aINe3z5:bF6F15h/zIn5S1aj+cU9CEw9aINej5

Score
10/10
gh0strat

Malware Config

Signatures

  • Gh0st RAT payload 1 IoCs
  • Gh0strat family
    gh0strat
  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 49ba10220a4293d91c66fb0dc551c3adea5253cb2204e8f2381095808a0b5a16
    .exe windows:6 windows


    Headers