General

  • Target

    90f3641203095af09f18131ba8bccfc8a972092b7e58e9d8f171f701ee74f41e

  • Size

    1.3MB

  • Sample

    240623-lrs99s1hqj

  • MD5

    023e9273a0ad8296b1fe52ded72f674b

  • SHA1

    90091a0d21403d76b05f26437c3346b594d83eaf

  • SHA256

    90f3641203095af09f18131ba8bccfc8a972092b7e58e9d8f171f701ee74f41e

  • SHA512

    00aeca27c3812ab93cfe8ea81279b0b79988dd6302c3a5b1cbd615327a7b6128e32e1d3ffed71525b721f41aec0da14cd772d5075f27ff341131fcf219551952

  • SSDEEP

    24576:dOyHutimZ9VSly2hVvHW6qMnSbTBBhBMNC:QHPkVOBTK

Targets

    • Target

      90f3641203095af09f18131ba8bccfc8a972092b7e58e9d8f171f701ee74f41e

    • Detect PurpleFox Rootkit

      Detect PurpleFox Rootkit.

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • PurpleFox

      PurpleFox is an exploit kit used to distribute other malware families; it was first seen in 2018.
