General
-
Target
2276-7-0x0000000000400000-0x000000000233B000-memory.dmp
-
Size
31.2MB
-
MD5
7a9949698794f03cd2b3361b8325af59
-
SHA1
a704348510472392e565a722c3d52996d60df8dd
-
SHA256
94ccd38497eb752e75e752208e94b81adfc6504203ab47bf2e9f51e880161398
-
SHA512
bc8db923203288267b4cbc351d2d3aa043cb7d6d295ce94d14a37b9b85632cef67fd86aecde89bc871b6779a29e7c8c4fdec54ce6b2c458f8979274f92b6f7fb
-
SSDEEP
196608:m0j2VCjP3Gx0GaN+hn0u50iIoysG+Xcni0iYvr00E5GqJd5igOcSWUOMzn0O1koV:6mGxrz0utIoLv520IiBOcSWUOMr0Klz
Score
10/10
Malware Config
Extracted
Family
gh0strat
C2
hfs666.top
Signatures
-
Detect PurpleFox Rootkit 1 IoCs
Detect PurpleFox Rootkit.
-
Gh0st RAT payload 1 IoCs
-
Gh0strat family
-
Purplefox family
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2276-7-0x0000000000400000-0x000000000233B000-memory.dmp
Headers
Sections