General

  • Target

    94beb32181e321ef10e85ee652f1ef1e602c252d6c7d4593c556a6bfcec1d4f0

  • Size

    1.2MB

  • MD5

    d4852875c3dc6e21736c3daa4e22a1b9

  • SHA1

    bf49ea2e7649eb75e3ba5635cf9634e58add229b

  • SHA256

    94beb32181e321ef10e85ee652f1ef1e602c252d6c7d4593c556a6bfcec1d4f0

  • SHA512

    3664251c8c35b114a83c72115dbd107c6c1e5a50524c21d2601a9bfab134f1694696f37e1889a635d17e60f26b1dbbd1d579076bfee49a49b8dbfc9d1bafaa41

  • SSDEEP

    24576:rY/e8/SWTObbGMuZiRN06C7slAGZM5GrkQPXHMtR1tD1b8tTsR1K0y1k:XXrCWTsL

Signatures

  • Detect PurpleFox Rootkit (1 IoC)

    Detect PurpleFox Rootkit.

  • Gh0st RAT payload (1 IoC)
  • Gh0strat family
  • Purplefox family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 94beb32181e321ef10e85ee652f1ef1e602c252d6c7d4593c556a6bfcec1d4f0
    .dll windows:4 windows x86 arch:x86

    0d8db390cee77abf4b6e0f5842817f35

