5a060542cf9f3cbbbe3a4ed960246115fcaa885f68485833e325fb2cc4534774 | Triage

Submit
Reports

Overview

overview

Static

static

1

5a060542cf...74.exe

windows7-x64

5a060542cf...74.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5a060542cf9f3cbbbe3a4ed960246115fcaa885f68485833e325fb2cc4534774.exe

Resource

win7-20231129-en

gh0strat purplefox persistence rat rootkit trojan

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

5a060542cf9f3cbbbe3a4ed960246115fcaa885f68485833e325fb2cc4534774.exe

Resource

win10v2004-20240412-en

gh0strat purplefox persistence rat rootkit trojan

windows10-2004-x64

12 signatures

150 seconds

General

Target

5a060542cf9f3cbbbe3a4ed960246115fcaa885f68485833e325fb2cc4534774
Size

1.7MB
MD5

6da68bfcef6ef53c0b1ee72659d3eef5
SHA1

6f05d2c7048b467b487bb7c2ff489dd7c3e6f564
SHA256

5a060542cf9f3cbbbe3a4ed960246115fcaa885f68485833e325fb2cc4534774
SHA512

689fbf4f39bcfba78f5af7c8a25bd6a2233824c4dbf8eaa52be15a74807eeef866fceb881422405e2ceefaafd02e190d1404f89828d40437a2c2dbde0af8ebb9
SSDEEP

24576:QOyHutimZ9VSly2hVvHW6qMnSbTBBhBMN25o9wtP66Fv:ZHPkVOBTKco+tPZJ

Score

1^/10

Malware Config

Signatures

Files

5a060542cf9f3cbbbe3a4ed960246115fcaa885f68485833e325fb2cc4534774
.exe windows:4 windows x86 arch:x86

Code Sign

0c:bf:a1:0c:ee:b1:f7:81:48:af:58:92:56:9d:fe:85
Certificate

Issuer

CN=Lbh-ssy-CA v1.01

Not Before

31-12-1999 16:00

Not After

07-08-8888 16:00

Subject

CN=Lbh-ssy-CA v1.01

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.data
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 429KB - Virtual size: 432KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy