General
-
Target
baf2e512ccbb9ea27627e8726afe7aaa34e19a0055326bc1b57a0ac56212c9bb
-
Size
1.6MB
-
Sample
241112-s8r7vsypem
-
MD5
6cc03a26bb589a589161baebc8050290
-
SHA1
2f96f255b2f905ab441931e66880965798ae83fb
-
SHA256
baf2e512ccbb9ea27627e8726afe7aaa34e19a0055326bc1b57a0ac56212c9bb
-
SHA512
11c240aef03f88951d3d44e4933a7cb675f16617b16c1f92699e46062283cbf9e479b56e1be49a12a5bcd27ab2a90e46e76de371d7bf14abd8aeeb1a4fba43f2
-
SSDEEP
24576:4pLOet+FXyn5pGJd1GdQmw7dj6ypuNiTdjvPG4/:4pLnt+Fy+1GnAj4ipjnL/
Malware Config
Targets
-
-
Target
baf2e512ccbb9ea27627e8726afe7aaa34e19a0055326bc1b57a0ac56212c9bb
-
Size
1.6MB
-
MD5
6cc03a26bb589a589161baebc8050290
-
SHA1
2f96f255b2f905ab441931e66880965798ae83fb
-
SHA256
baf2e512ccbb9ea27627e8726afe7aaa34e19a0055326bc1b57a0ac56212c9bb
-
SHA512
11c240aef03f88951d3d44e4933a7cb675f16617b16c1f92699e46062283cbf9e479b56e1be49a12a5bcd27ab2a90e46e76de371d7bf14abd8aeeb1a4fba43f2
-
SSDEEP
24576:4pLOet+FXyn5pGJd1GdQmw7dj6ypuNiTdjvPG4/:4pLnt+Fy+1GnAj4ipjnL/
Score10/10-
Detect PurpleFox Rootkit
Detect PurpleFox Rootkit.
-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Gh0strat family
-
PurpleFox
PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.
-
Purplefox family
-
Blocklisted process makes network request
-
Adds Run key to start application
-