General

  • Target

    f036b3031238597750e077c2d03b2bc41d089f9db461244059db8485fac28e63

  • Size

    1.2MB

  • MD5

    4a2579809a60dafdd9da2c50484e8735

  • SHA1

    d3e1c79b5b5d7ab8ff2313d7696998527a3f5bd1

  • SHA256

    f036b3031238597750e077c2d03b2bc41d089f9db461244059db8485fac28e63

  • SHA512

    2af6ee811093ae53ec4d9358d44a5d6fbc32a85b509502010490c4eb324dd22cc659478ea2d39aa37b70dac71ca9544e427acd440f4ff1024bf0557ec0c666ff

  • SSDEEP

    24576:LohYJJUEWaGjGM7hiBrDaFy73fChNqhXWSNNmbCTM5GrkQPXHMtR1tD1b1tTkRoN:Lorx7TkQ

Malware Config

Signatures

  • Detect PurpleFox Rootkit 1 IoCs

    Detect PurpleFox Rootkit.

  • Gh0st RAT payload 1 IoCs
  • Gh0strat family
  • Purplefox family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • f036b3031238597750e077c2d03b2bc41d089f9db461244059db8485fac28e63
    .dll windows:4 windows x86 arch:x86

    6718574bfa82ab04bcaf82fa9136fc6c

