Overview

overview

10

Static

static

10

63e3b91df7...65.exe

windows7-x64

1

63e3b91df7...65.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    63e3b91df70aadd1b3bbf7312959b0a7473c472b4cce071a35d4e51e6cbdc565

  • Size

    2.1MB

  • MD5

    c0ba9b9e2626bb7b9468de6d83192564

  • SHA1

    23a6fe56e1a5d4a52147ef78a3ba8f54a475bb4c

  • SHA256

    63e3b91df70aadd1b3bbf7312959b0a7473c472b4cce071a35d4e51e6cbdc565

  • SHA512

    becc86365cec60fb351d804fb6211e45404afea4922185ac92189a2abf96fdeedfd9801e93472c98b127ec858e8f542bb8bc6e869d4f1217765d6ab328be9f6e

  • SSDEEP

    24576:kDUHFNvyC6X3bQm1JHiMhYNU2VuFiWM5GrkQPXHMtR1tD1ZhtTGOaK0/k8xrWPoR:6kmC3TGVLxrWgTka+90

Score
10/10
rootkitupxgh0stratpurplefox

Malware Config

Signatures

  • Detect PurpleFox Rootkit 1 IoCs

    Detect PurpleFox Rootkit.

    rootkit
  • Gh0st RAT payload 1 IoCs
  • Gh0strat family
    gh0strat
  • Purplefox family
    purplefox
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 63e3b91df70aadd1b3bbf7312959b0a7473c472b4cce071a35d4e51e6cbdc565
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections