General

  • Target

    aa0af88540f220d005d252ac452bddeb3fd5733c078aad4963e384cb7230f1b7

  • Size

    1.4MB

  • Sample

    230828-e3w2zahe81

  • MD5

    72ba8b80fc52b54491eee4a4dc1e43e4

  • SHA1

    7a5a2047507c6e4c4f0951a33cac0ff0e7654f07

  • SHA256

    aa0af88540f220d005d252ac452bddeb3fd5733c078aad4963e384cb7230f1b7

  • SHA512

    213b3428e28e7c2c1a348e19b43011989e33561f4c624f7231de5a3390a06f14957a5c5dac3036ab9402fd4fea47de864901bfcaf2107cb788f6748b819e8a44

  • SSDEEP

    24576:gOyHutimZ9VSly2hVvHW6qMnSbTBBhBMNmpLDyzwyz2:pHPkVOBTKUV

Targets

    • Detect PurpleFox Rootkit

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • PurpleFox

      PurpleFox is an exploit kit used to distribute other malware families; it was first seen in 2018.
