image_2023-03-25_15-34-35[.]png[.]virus[.]pif | Triage

Submit
Reports

Overview

overview

Static

static

1

image_2023...us.exe

windows7-x64

image_2023...us.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

image_2023-03-25_15-34-35.png.virus.exe

Resource

win7-20230220-en

gh0strat purplefox rat rootkit trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

image_2023-03-25_15-34-35.png.virus.exe

Resource

win10v2004-20230220-en

gh0strat purplefox rat rootkit trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

image_2023-03-25_15-34-35.png.virus.pif
Size

1.5MB
MD5

304f1fe84d21240f53265556f3e7aec1
SHA1

ba0b6b5b2b95316e64e9ff0707d05aba07f614c5
SHA256

445823ec2a16daeee6bab7018eb8e940d196d32e1e658745dabe925ccb9e2529
SHA512

d63606f4c2c0aac50ad8bd9bc096262f425bfb929dd4358156ec1bc497c80d0251c9595f77781b1dfd4b3c0c971bdbea0a190512db896e499a1a04974682a620
SSDEEP

24576:fLM4cWyTOI+rDsjmWs4V6NB+HMSu+O8MYehJsjLvYikHHJkSj+Z9X6DciYamKgFY:fLM4c3TOtrDsKivuwMhJKvrmHJcpSPYU

Score

1^/10

Malware Config

Signatures

Files

image_2023-03-25_15-34-35.png.virus.pif
.exe windows x86

3e1d085b096b26f01b899335085da3e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind

user32

LoadMenuA

gdi32

RestoreDC

winspool.drv

DocumentPropertiesA

advapi32

RegSetValueExA

shell32

DragQueryFileA

comctl32

ord17

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 636KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 840KB - Virtual size: 840KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy