General
-
Target
4a63551fced71439156891490defdf21b40a0bed09c0eaac75547fe4aaabc616
-
Size
3.4MB
-
Sample
240921-mg6naaxdne
-
MD5
6751082c6897576fda3595db00ca4269
-
SHA1
aa5fc6bce610a1ccd04c31c38af447d31f07b677
-
SHA256
4a63551fced71439156891490defdf21b40a0bed09c0eaac75547fe4aaabc616
-
SHA512
93fa1e379d148db7c4271dd50110a40d27b55f3a9ec93ed79af3cf26c8b802bc095f0424cfa0df235b83a8e41175ea231d1fba7020cc1dede974b57b2eb2a5e3
-
SSDEEP
49152:4OWFJbtSMXoTLq73xKqCbFHsclmJSVARa86xzW3xRoyqqxrTp:4OWFJbtSMX3xKqCbxsclWSV7SxyqxrF
Malware Config
Targets
-
-
Target
4a63551fced71439156891490defdf21b40a0bed09c0eaac75547fe4aaabc616
-
Size
3.4MB
-
MD5
6751082c6897576fda3595db00ca4269
-
SHA1
aa5fc6bce610a1ccd04c31c38af447d31f07b677
-
SHA256
4a63551fced71439156891490defdf21b40a0bed09c0eaac75547fe4aaabc616
-
SHA512
93fa1e379d148db7c4271dd50110a40d27b55f3a9ec93ed79af3cf26c8b802bc095f0424cfa0df235b83a8e41175ea231d1fba7020cc1dede974b57b2eb2a5e3
-
SSDEEP
49152:4OWFJbtSMXoTLq73xKqCbFHsclmJSVARa86xzW3xRoyqqxrTp:4OWFJbtSMX3xKqCbxsclWSV7SxyqxrF
Score10/10-
Detect PurpleFox Rootkit
Detect PurpleFox Rootkit.
-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
PurpleFox
PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-