Overview

overview

10

Static

static

10

1068-62-0x...ry.exe

windows7-x64

1068-62-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1068-62-0x0000000000400000-0x000000000060E000-memory.dmp

  • Size

    2.1MB

  • MD5

    5f5b67563ba32f0e0f23bc49ece35b2e

  • SHA1

    972b5bfc5ba6b402b86ae6e0dbe2e32f1ed97f97

  • SHA256

    32dcbf4673884eb448bcf0655a5dd2256ff6a17293ac2fdccfb5ba1ef58c0670

  • SHA512

    2392f316ac9898a8415a7b5cc78428b6661f77513f9f5e2336f11831f895b77bd892cdf83a67ed712e9fa818ac024174efaf511033c4f99ea2cdf78d70fd7f9d

  • SSDEEP

    24576:9O9k7VRXK/3FYFuBCy3oNabo0iSD1gAdGM/gtM5/GfHKMwMtRm8qEgurHEr35wZv:M9Acw2TCLLSoTpE/WwDIoTvxU

Score
10/10
rootkitgh0stratpurplefox

Malware Config

Extracted

Family

gh0strat

C2

190.92.242.47

Signatures

  • Detect PurpleFox Rootkit 1 IoCs

    Detect PurpleFox Rootkit.

    rootkit
  • Gh0st RAT payload 1 IoCs
  • Gh0strat family
    gh0strat
  • Purplefox family
    purplefox

Files

  • 1068-62-0x0000000000400000-0x000000000060E000-memory.dmp
    .exe windows x86


    Headers

    Sections