Resubmissions

06/04/2025, 16:36

250406-t4b6hstsb1 10

06/04/2025, 14:13

250406-rjthyszxe1 10

General

  • Target

    2025-04-06_56c9b50e8936c2516fb1e809d9989912_cobalt-strike_frostygoop_ghostlocker_luca-stealer_sliver_snatch

  • Size

    4.2MB

  • MD5

    56c9b50e8936c2516fb1e809d9989912

  • SHA1

    0fcfa3e92f55200e884c718652ffee7f4ed013e8

  • SHA256

    f14034d2f0c5b5485ef0d868db57bc24b83793681fe7d28e5e89e6b1c3bb0abb

  • SHA512

    5ce6e2288497561d9bd01ce851588d94b25a0b6441973e7c3ab0cb73fae86567702ae091aaca8c32774aae10b23f66ce3730f26c8cb0a662e57f0759900bf31e

  • SSDEEP

    49152:ieutLO9rb/TrvO90dL3BmAFd4A64nsfJJ2TIA5GNP1Jr4u/TgAPNdi9128qk1q4A:ieF+iIAEl1JPz212IhzL+Bzz3dw/VC

Score
10/10

Malware Config

Signatures

  • Gofing family
  • Gofing is a ransomware written in Golang using Velocity Polymorphic Compression (VPC) obfuscation. 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2025-04-06_56c9b50e8936c2516fb1e809d9989912_cobalt-strike_frostygoop_ghostlocker_luca-stealer_sliver_snatch
    .exe windows:6 windows x64 arch:x64

    c7269d59926fa4252270f407e4dab043

