a193953a3d22eb5d267f0a75071f400128a5a07354605eb36da409e81f5a9189 | Triage

Submit
Reports

Overview

overview

Static

static

1

a193953a3d...89.exe

windows7-x64

a193953a3d...89.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a193953a3d22eb5d267f0a75071f400128a5a07354605eb36da409e81f5a9189.exe

Resource

win7-20230220-en

gh0strat purplefox rat rootkit trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

a193953a3d22eb5d267f0a75071f400128a5a07354605eb36da409e81f5a9189.exe

Resource

win10v2004-20230220-en

gh0strat purplefox rat rootkit trojan

windows10-2004-x64

10 signatures

150 seconds

General

Target

a193953a3d22eb5d267f0a75071f400128a5a07354605eb36da409e81f5a9189
Size

4.6MB
MD5

2d3b8d39bd8f40531deafdc0075fe739
SHA1

b418b1d6f0099e8e99917600d14778cfb6890758
SHA256

a193953a3d22eb5d267f0a75071f400128a5a07354605eb36da409e81f5a9189
SHA512

2adc6f295f54a7e911e7ea735feaa76b9a035db535e1654fc81149de1eeec33bc25f3b70ba332a38697391c47c9239df15ce2bdf7c0aa7484326e0ed113e1f44
SSDEEP

98304:f1T69a1N423oVs8o5D9AxRJ04fOTnWJ8kbURYM1jm4f3W9+r4:f1TXTKzCG7K4fJIRjV7fW+c

Score

1^/10

Malware Config

Signatures

Files

a193953a3d22eb5d267f0a75071f400128a5a07354605eb36da409e81f5a9189
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

CreateInstance

Sections

Size: 269KB - Virtual size: 748KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 33KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 43KB - Virtual size: 676KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 430KB - Virtual size: 432KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 191KB - Virtual size: 13.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Toata
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy