Overview

overview

10

Static

static

10

3902a960a3...8N.exe

windows7-x64

3902a960a3...8N.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    3902a960a3fd5ff1c3c1fa505ef557e886c12c8b7cb68299f7abd1e161405a78N

  • Size

    109KB

  • MD5

    ef54947d3e1d1ffc523e9ff0b21bbf70

  • SHA1

    5cd277507af8756a24cf782364b6b1ff49e104ad

  • SHA256

    3902a960a3fd5ff1c3c1fa505ef557e886c12c8b7cb68299f7abd1e161405a78

  • SHA512

    7f9e9711249e79e300bd0e8505698f797ab1939edbdde3246e77cb9c7d11cdc61c03334295d9f581f0114ae0e462f6bc715ac4034c707614ed57782ee1a491ed

  • SSDEEP

    1536:18F6FQ85LFiGkSzyqzin5SP9cljcfcU9CEw9aINe3z6:18F6F15h/zIn5S1aj+cU9CEw9aINej6

Score
10/10
gh0strat

Malware Config

Signatures

  • Gh0st RAT payload 1 IoCs
  • Gh0strat family
    gh0strat
  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3902a960a3fd5ff1c3c1fa505ef557e886c12c8b7cb68299f7abd1e161405a78N
    .exe windows:6 windows


    Headers