General
-
Target
55cb035ca1cd54370ee634cf92fbf9b762baefff9e68de0936f744e3ffa494f9
-
Size
1.5MB
-
Sample
240925-nmg3jssgkn
-
MD5
e3039de219761cd74aa36f12f434fcd6
-
SHA1
4df01d6c2d55876d2aa18fc104bc2186325e2c58
-
SHA256
55cb035ca1cd54370ee634cf92fbf9b762baefff9e68de0936f744e3ffa494f9
-
SHA512
44bfa7e8aa8d8eac5a865a38328fcd1941b88718c35acd94609eb5d9f6dec47873db1b3322c195b781d675f1831526dfdd71ac06bcee2bffaf98cc1ad808a3f1
-
SSDEEP
24576:MOeh7E7IJbtEJEHng8wGrQTLq73xaH7pbH2ApFIY6W2/z6bl:MOWFJbtSMXoTLq73xKXQ1/z6Z
Malware Config
Targets
-
-
Target
55cb035ca1cd54370ee634cf92fbf9b762baefff9e68de0936f744e3ffa494f9
-
Size
1.5MB
-
MD5
e3039de219761cd74aa36f12f434fcd6
-
SHA1
4df01d6c2d55876d2aa18fc104bc2186325e2c58
-
SHA256
55cb035ca1cd54370ee634cf92fbf9b762baefff9e68de0936f744e3ffa494f9
-
SHA512
44bfa7e8aa8d8eac5a865a38328fcd1941b88718c35acd94609eb5d9f6dec47873db1b3322c195b781d675f1831526dfdd71ac06bcee2bffaf98cc1ad808a3f1
-
SSDEEP
24576:MOeh7E7IJbtEJEHng8wGrQTLq73xaH7pbH2ApFIY6W2/z6bl:MOWFJbtSMXoTLq73xKXQ1/z6Z
Score10/10-
Detect PurpleFox Rootkit
Detect PurpleFox Rootkit.
-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
PurpleFox
PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-