050d922ddefbb64dfe1493f7ca7a6fab3aac8c6e71b7da4eb656535822292403 | Triage

Submit
Reports

Overview

overview

Static

static

1

050d922dde...03.exe

windows7-x64

050d922dde...03.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

050d922ddefbb64dfe1493f7ca7a6fab3aac8c6e71b7da4eb656535822292403.exe

Resource

win7-20220812-en

gh0strat purplefox rat rootkit trojan upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

050d922ddefbb64dfe1493f7ca7a6fab3aac8c6e71b7da4eb656535822292403.exe

Resource

win10v2004-20220812-en

gh0strat purplefox rat rootkit trojan upx

windows10-2004-x64

13 signatures

150 seconds

General

Target

050d922ddefbb64dfe1493f7ca7a6fab3aac8c6e71b7da4eb656535822292403
Size

2.3MB
MD5

da86020dfe6864f4d1cd5d9cca81b07e
SHA1

fc063a1e268fc3ecf064b6acf727d9dad2036ac6
SHA256

050d922ddefbb64dfe1493f7ca7a6fab3aac8c6e71b7da4eb656535822292403
SHA512

5efd33e7efd467dd452b07b7372bbdb4099b7214fa964e5a6f8acab51303d72fb61b41b2b0e7dc3a86069a641b7903fd96086298c3dc0096ea3b57474821ac25
SSDEEP

49152:0dITtmhdLLX4+K7AFc6eUbJ8HeNnENfpFMPGO42djTHVGabM1:0dWtmhd3IlgcC2HeaNfp+uOfjTK1

Score

1^/10

Malware Config

Signatures

Files

050d922ddefbb64dfe1493f7ca7a6fab3aac8c6e71b7da4eb656535822292403
.exe windows x86

8b38f5c575155ad4eea045988566d1e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

WSAAsyncSelect

rasapi32

RasHangUpA

kernel32

SetFilePointer

user32

GetMessagePos

gdi32

ExtSelectClipRgn

winspool.drv

OpenPrinterA

advapi32

RegQueryValueExA

shell32

ShellExecuteA

ole32

CLSIDFromString

oleaut32

LoadTypeLi

comctl32

ord17

wininet

InternetCloseHandle

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 1.3MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 996KB - Virtual size: 996KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy