General

  • Target

    7f99ae826d7a4b62f4c15649a54c3e1182ac6ab845ac44805afd751baef9a788

  • Size

    1.5MB

  • MD5

    43cd7283ef687bd0839d590e9c9ca785

  • SHA1

    da0fe8d9ee0e675ad3f38d35f88c22712d9919fd

  • SHA256

    7f99ae826d7a4b62f4c15649a54c3e1182ac6ab845ac44805afd751baef9a788

  • SHA512

    64c53214d6ebf7fb296101ed9736cb54e0d8e1e4b9759a2d5667cde622a466ce239b936527cdc9d4b2095f8d6ff3116fe555d0bc9dee34a17a32ed685cbf2f19

  • SSDEEP

    24576:7MfywgIt/65Fu99573/aiVIOYrFzpCM5hyv3m8AMtRyce0LIOK0B:l49r7

Signatures

  • Detect PurpleFox Rootkit (1 IoC)

    Detect PurpleFox Rootkit.

  • Gh0st RAT payload (1 IoC)
  • Gh0strat family
  • Purplefox family
  • ACProtect 1.3x - 1.4x DLL software (1 IoC)

    Detects file using ACProtect software.

  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 7f99ae826d7a4b62f4c15649a54c3e1182ac6ab845ac44805afd751baef9a788
    .dll windows:4 windows x86 arch:x86
