gh0strat | f757b667ee4bab7d4d626fd0145345162883d0f1dac6d1c1cc616d3e314436ac | Triage

Submit
Reports

Overview

overview

Static

static

f757b667ee...ac.dll

windows7-x64

8

f757b667ee...ac.dll

windows10-2004-x64

1

Sharing

General

Target

f757b667ee4bab7d4d626fd0145345162883d0f1dac6d1c1cc616d3e314436ac
Size

1.2MB
Sample

230821-f3wlwach5s
MD5

0fa6a6eaa2eaa1e72059e8e69fcec2d4
SHA1

e3dc7aca9bd62927c834cd8359daba670303642d
SHA256

f757b667ee4bab7d4d626fd0145345162883d0f1dac6d1c1cc616d3e314436ac
SHA512

26ce8875af6514f259ae8347ea8dfdd79a496d4ff60de0eb0b8088dca78bd27f8051effcbc366b3bf9fcea38a6fb2537caa673b69a170e2f54fdc5f19915f4c5
SSDEEP

24576:x7VfUk5oHFnez3auiKycwSqpmo/JQM5WbUg/n3MtRldzFLMtT1SUK0xB:uJgKvvGT1dB

Score

10^/10

gh0strat purplefox evasion rootkit

Static task

static1

rootkit gh0strat purplefox

5 signatures

Behavioral task

behavioral1

Sample

f757b667ee4bab7d4d626fd0145345162883d0f1dac6d1c1cc616d3e314436ac.dll

Resource

win7-20230712-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

f757b667ee4bab7d4d626fd0145345162883d0f1dac6d1c1cc616d3e314436ac.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  f757b667ee4bab7d4d626fd0145345162883d0f1dac6d1c1cc616d3e314436ac
- Size
  
  1.2MB
- MD5
  
  0fa6a6eaa2eaa1e72059e8e69fcec2d4
- SHA1
  
  e3dc7aca9bd62927c834cd8359daba670303642d
- SHA256
  
  f757b667ee4bab7d4d626fd0145345162883d0f1dac6d1c1cc616d3e314436ac
- SHA512
  
  26ce8875af6514f259ae8347ea8dfdd79a496d4ff60de0eb0b8088dca78bd27f8051effcbc366b3bf9fcea38a6fb2537caa673b69a170e2f54fdc5f19915f4c5
- SSDEEP
  
  24576:x7VfUk5oHFnez3auiKycwSqpmo/JQM5WbUg/n3MtRldzFLMtT1SUK0xB:uJgKvvGT1dB
Score

8^/10

evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

rootkitgh0stratpurplefox

behavioral1

behavioral2

© 2018-2025

Terms | Privacy