Overview

overview

10

Static

static

10

56e892d1c4...48.exe

windows7-x64

56e892d1c4...48.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    56e892d1c474d42b9c7c17f9382cdfe5d719eb58721f91ec782ed9998d4a7b48

  • Size

    109KB

  • MD5

    46a9d018306c9f308dcc724049e20704

  • SHA1

    28934e6cbd5e90ba9f0dd164bec61466be72add4

  • SHA256

    56e892d1c474d42b9c7c17f9382cdfe5d719eb58721f91ec782ed9998d4a7b48

  • SHA512

    f7a97f4850fe1723e5b3b2c9169510c0dbab54507b6a42c8a9071591c774c05b79111e83561d212aeca5eaf5843b7083d9c48ffcfcd0c9a5bb02d353896ebb99

  • SSDEEP

    3072:DF6F15h/zIn5S1aj+cU9CSg5w9aINejh+:MFjhLI5SG+FP9aIAd+

Score
10/10
gh0strat

Malware Config

Signatures

  • Gh0st RAT payload 1 IoCs
  • Gh0strat family
    gh0strat
  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 56e892d1c474d42b9c7c17f9382cdfe5d719eb58721f91ec782ed9998d4a7b48
    .exe windows:6 windows


    Headers