General
-
Target
92bbd5b49e65ca3cbeac2879be38e0915e3a66fc71f061c036aa73dcdd0fc47a
-
Size
3.3MB
-
Sample
240905-zbmz7szbqg
-
MD5
cfdc421a9e29ce9f45764ef2531a0be8
-
SHA1
980cf342987002f27e73787d44c04764e7a40d1b
-
SHA256
92bbd5b49e65ca3cbeac2879be38e0915e3a66fc71f061c036aa73dcdd0fc47a
-
SHA512
c426f53e25911e61ec9628d8542198a538aaef1c86f56e23bf35461e76257287c638bdd4197c9e7bb738bd0e335be61a4da3432e713c4a50db181649d61baf6c
-
SSDEEP
49152:b1sOWFJbtSMXoTLq73xKaW/HsclmJSVARa86xzW3xRoyqqxrTz:b1sOWFJbtSMX3xKaWPsclWSV7SxyqxrX
Malware Config
Targets
-
-
Target
92bbd5b49e65ca3cbeac2879be38e0915e3a66fc71f061c036aa73dcdd0fc47a
-
Size
3.3MB
-
MD5
cfdc421a9e29ce9f45764ef2531a0be8
-
SHA1
980cf342987002f27e73787d44c04764e7a40d1b
-
SHA256
92bbd5b49e65ca3cbeac2879be38e0915e3a66fc71f061c036aa73dcdd0fc47a
-
SHA512
c426f53e25911e61ec9628d8542198a538aaef1c86f56e23bf35461e76257287c638bdd4197c9e7bb738bd0e335be61a4da3432e713c4a50db181649d61baf6c
-
SSDEEP
49152:b1sOWFJbtSMXoTLq73xKaW/HsclmJSVARa86xzW3xRoyqqxrTz:b1sOWFJbtSMX3xKaWPsclWSV7SxyqxrX
Score10/10-
Detect PurpleFox Rootkit
Detect PurpleFox Rootkit.
-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
PurpleFox
PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-