gh0strat | 3387cd28f17efd976288e7fdd00a13a11ad5083d8c9f5e36f4132bd50c8f5b60 | Triage

Submit
Reports

Overview

overview

Static

static

3

_007D00000...1).exe

windows10-2004-x64

Sharing

General

Target

_007D000001~Rip(1).exe
Size

1.2MB
Sample

240825-l4g3rszhkn
MD5

b08692bf5229ff68ef8eafd9a0b283da
SHA1

4a60b471acf4468eca27e8a5eb68fb6011181d1d
SHA256

3387cd28f17efd976288e7fdd00a13a11ad5083d8c9f5e36f4132bd50c8f5b60
SHA512

6a8a37480797fe451d41913e3867b492b6246a9ba71a8367f1bad1c22e2a5188e980fef478b78c912d0c3cecb8b2865dd8af10017d3222a52b0ca2f06e617f08
SSDEEP

24576:nezAqHGdeQI+sK0p876T+3BIW7GEyMZyL:ezATVI3u76T+RP7GEyMY

Score

10^/10

gh0strat purplefox discovery rat rootkit trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

_007D000001~Rip(1).exe

Resource

win10v2004-20240802-en

gh0strat purplefox discovery rat rootkit trojan

windows10-2004-x64

11 signatures

300 seconds

Malware Config

Targets

- Target
  
  _007D000001~Rip(1).exe
- Size
  
  1.2MB
- MD5
  
  b08692bf5229ff68ef8eafd9a0b283da
- SHA1
  
  4a60b471acf4468eca27e8a5eb68fb6011181d1d
- SHA256
  
  3387cd28f17efd976288e7fdd00a13a11ad5083d8c9f5e36f4132bd50c8f5b60
- SHA512
  
  6a8a37480797fe451d41913e3867b492b6246a9ba71a8367f1bad1c22e2a5188e980fef478b78c912d0c3cecb8b2865dd8af10017d3222a52b0ca2f06e617f08
- SSDEEP
  
  24576:nezAqHGdeQI+sK0p876T+3BIW7GEyMZyL:ezATVI3u76T+RP7GEyMY
Score

10^/10

gh0strat purplefox discovery rat rootkit trojan
- Detect PurpleFox Rootkit
  Detect PurpleFox Rootkit.
  rootkit
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- PurpleFox
  PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.
  rootkit trojan purplefox
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gh0stratpurplefoxdiscoveryratrootkittrojan

© 2018-2025

Terms | Privacy