General

  • Target

    b67efed2c6b2c70ad5ea1a30b730809fb7d3843d5d4671ba73d8ca5d0a348100

  • Size

    1.3MB

  • Sample

    240618-lhz2fsxeqe

  • MD5

    0852cc43a683604b25a47fc8a46628d3

  • SHA1

    af44794a953485f6233ebaf62b2a4cd5aaa8bfbc

  • SHA256

    b67efed2c6b2c70ad5ea1a30b730809fb7d3843d5d4671ba73d8ca5d0a348100

  • SHA512

    e3aac9cc8d5f2f0f9a69af82826a86f8321335c5a3fce9085dd639fcd0fe33c77bc0451e31c1333e6db589b651e4c98852034b35c5cec3739eea5fd95c82e396

  • SSDEEP

    24576:dOyHutimZ9VSly2hVvHW6qMnSbTBBhBMNm:QHPkVOBTK

Malware Config

Targets

    • Detect PurpleFox Rootkit

      Detect PurpleFox Rootkit.

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • PurpleFox

      PurpleFox is an exploit kit used to distribute other malware families; it was first seen in 2018.

MITRE ATT&CK Matrix

Tasks