General

  • Target

    7128580d3d4567ddc2e96c15a99582c91340495b3e4efc6d52eedd9094c1397c

  • Size

    1.4MB

  • Sample

    230828-wxlsgseb82

  • MD5

    8dd7ae6334517d6fa71f79dce4099b90

  • SHA1

    bda6cd7b2fed8c81dff306a60a0d8c2330989c2d

  • SHA256

    7128580d3d4567ddc2e96c15a99582c91340495b3e4efc6d52eedd9094c1397c

  • SHA512

    b87f390e6eaf976819a847b47196663ee63cc6e4f18f5895e93c934df5d9c15ca1b458491993ba3f5c4b5f8c5a9c08c74de81b52058ec23f8e26b3a5612f54cb

  • SSDEEP

    24576:F39WaOyHutimZ9VSly2hVvHW6qMnSbTBBhBMN:598HPkVOBTK

Targets

    • Detect PurpleFox Rootkit

      Detect PurpleFox Rootkit.

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • PurpleFox

      PurpleFox is an exploit kit used to distribute other malware families; it was first seen in 2018.
