Overview

overview

10

Static

static

10

2025-04-03...ch.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-04-03_afc70ad0b0641752c5537dddd9fa6b53_cobalt-strike_frostygoop_ghostlocker_luca-stealer_sliver_snatch

  • Size

    4.3MB

  • MD5

    afc70ad0b0641752c5537dddd9fa6b53

  • SHA1

    575887bd065af5a552ab8a1621000bba7ef36c0a

  • SHA256

    588c35bd2c86c1dcc5830e156fb30d64e1cbf135c357b0f3a3b6a99880462456

  • SHA512

    d8a84e3de783becf60bd7a76f491c6c304a5dd34e10d890c4f2631d94e8f5f4bb4b89d48faea4134ea2300d1cef51e98812b616023fcba0fa09cb521e5a48a89

  • SSDEEP

    98304:ieF+iIAEl1JPz212IhzL+Bzz3dw/VabPlZ4GIwtoSRCkT+ChbU:pWvSDzaxztQVabPlZ4GIwtoSRCkT+ChQ

Score
10/10
gofing

Malware Config

Signatures

  • Gofing family
    gofing
  • Gofing is a ransomware written in Golang using Velocity Polymorphic Compression (VPC) obfuscation. 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2025-04-03_afc70ad0b0641752c5537dddd9fa6b53_cobalt-strike_frostygoop_ghostlocker_luca-stealer_sliver_snatch
    .exe windows:6 windows x64 arch:x64

    c7269d59926fa4252270f407e4dab043


    Headers

    Imports

    Sections