gh0strat | 1076-62-0x0000000000400000-0x000000000060E000-memory[.]dmp

General

Target

1076-62-0x0000000000400000-0x000000000060E000-memory.dmp
Size

2.1MB
MD5

c057a761ce85bc8542145465e0558aff
SHA1

2516f20f78dd1492295264e126068df7602908bc
SHA256

462088e0df3c6cebac5a2bf7f159c10c70f90edb1fa0017d55d3a4c8fd6db4b3
SHA512

12cfbbcce8f119522652d2e68d70308e84cbf99ebe2590e277a6e60f125ae5ee80ddd00923b6dcdb0c3da67c675dd09b63f6c4da5d748192e5286447af55b507
SSDEEP

24576:IO9k73RXK/3FYFuBCy3oNabo0iSD1gAdGM/gtM5/GfHKMwMtRm8qEgurHEr35wZj:v/Acw2TCLk2oTpE/WwDIpvxU

Score

10^/10

Family

gh0strat

C2

103.42.31.22

Detect PurpleFox Rootkit 1 IoCs
Detect PurpleFox Rootkit.
rootkit

Processes:

resource yara_rule

sample purplefox_rootkit
Gh0st RAT payload 1 IoCs

Processes:

resource yara_rule

sample family_gh0strat
Gh0strat family
gh0strat
Purplefox family
purplefox

resource	yara_rule
sample	purplefox_rootkit

resource	yara_rule
sample	family_gh0strat