General
-
Target
60f5f9100f9c5793cba2c7bbd85e6ea7703dff4bb12d8f5d44620050642f47e2
-
Size
919KB
-
Sample
221020-rlykpahcc3
-
MD5
5a73f5e451b5c009494c49fd484e58af
-
SHA1
532b2702b09a1831cce9490de7b506510365c8bf
-
SHA256
60f5f9100f9c5793cba2c7bbd85e6ea7703dff4bb12d8f5d44620050642f47e2
-
SHA512
bd5acbdcf3ca500ca9da2a9a9e7ce24777ca163bf4099303bfa001566aae40de0a3337a03deff08c765bad686a57ae544b8590956ba541a44d61f8704d8abe9f
-
SSDEEP
24576:6Jc26tUVSEg0BpT5kBYandPYi95LXNxVKhIN8+e+dLeT9pDT:6O26I8u+2andPYCNVQIiz+d
Malware Config
Targets
-
-
Target
60f5f9100f9c5793cba2c7bbd85e6ea7703dff4bb12d8f5d44620050642f47e2
-
Size
919KB
-
MD5
5a73f5e451b5c009494c49fd484e58af
-
SHA1
532b2702b09a1831cce9490de7b506510365c8bf
-
SHA256
60f5f9100f9c5793cba2c7bbd85e6ea7703dff4bb12d8f5d44620050642f47e2
-
SHA512
bd5acbdcf3ca500ca9da2a9a9e7ce24777ca163bf4099303bfa001566aae40de0a3337a03deff08c765bad686a57ae544b8590956ba541a44d61f8704d8abe9f
-
SSDEEP
24576:6Jc26tUVSEg0BpT5kBYandPYi95LXNxVKhIN8+e+dLeT9pDT:6O26I8u+2andPYCNVQIiz+d
Score10/10-
Detect PurpleFox Rootkit
Detect PurpleFox Rootkit.
-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
PurpleFox
PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Deletes itself
-
Drops file in System32 directory
-