Behavioral task: behavioral1
Sample: 4c3e926381b0aa56d7117476299383aafd8771ef5707010a1f859839248f2cbd.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 4c3e926381b0aa56d7117476299383aafd8771ef5707010a1f859839248f2cbd.exe
Resource: win10v2004-20241007-en
General
Target: 4c3e926381b0aa56d7117476299383aafd8771ef5707010a1f859839248f2cbd
Size: 109KB
MD5: 2ddcbc1f79a503c7431ac0b7827f3504
SHA1: 0240b71559b58f436dd0add32807ef5d7841d206
SHA256: 4c3e926381b0aa56d7117476299383aafd8771ef5707010a1f859839248f2cbd
SHA512: 00daa9e0768f9fab976dbb93b6034ef7386b29e84e2ecaefef0ec0ad2228b179941b19b572aa96a30f2de11f27e8c1ef7369c92b54f4bdf54561808376fe72d0
SSDEEP: 3072:SF6F15h/zIn5S1aj+cU9C8pgGw9aINej0:pFjhLI5SG+Fo9aIAg
Malware Config
Signatures
Gh0st RAT payload (1 IoCs)
resource: sample; yara_rule: family_gh0strat
Gh0strat family
ACProtect 1.3x - 1.4x DLL software (1 IoCs)
Detects file using ACProtect software.
resource: sample; yara_rule: acprotect
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 4c3e926381b0aa56d7117476299383aafd8771ef5707010a1f859839248f2cbd
Files
4c3e926381b0aa56d7117476299383aafd8771ef5707010a1f859839248f2cbd.exe windows:6 windows
Headers