General

  • Target

    8b7feffff8ff9a666d3049b398d1814de5bfd3322c226f355b815848cf0f9919

  • Size

    3.3MB

  • Sample

    241208-kjdn6symcw

  • MD5

    34f5cfa591aaf0dbdcdb23ed7115c61f

  • SHA1

    ed7c1deea4769c36eabf3ada34d283a3a7e50fb5

  • SHA256

    8b7feffff8ff9a666d3049b398d1814de5bfd3322c226f355b815848cf0f9919

  • SHA512

    86f07697298f045509f5a44425945edde5e36d6e1c9811f676c9963161dc03cff6f899fe3c00bac137c8a89215802b09c0beaad74687621890cb4c1290686963

  • SSDEEP

    49152:lalqukumUSVDGsIvo0oHnNuwYbYlrwBdiojOacEJ/t7R1awvKoGJcSzx:Ak/BDGsIvNotuwYYlQEojOacE7bzuc

Malware Config

Targets

    • Target

      8b7feffff8ff9a666d3049b398d1814de5bfd3322c226f355b815848cf0f9919

    • Size

      3.3MB

    • MD5

      34f5cfa591aaf0dbdcdb23ed7115c61f

    • SHA1

      ed7c1deea4769c36eabf3ada34d283a3a7e50fb5

    • SHA256

      8b7feffff8ff9a666d3049b398d1814de5bfd3322c226f355b815848cf0f9919

    • SHA512

      86f07697298f045509f5a44425945edde5e36d6e1c9811f676c9963161dc03cff6f899fe3c00bac137c8a89215802b09c0beaad74687621890cb4c1290686963

    • SSDEEP

      49152:lalqukumUSVDGsIvo0oHnNuwYbYlrwBdiojOacEJ/t7R1awvKoGJcSzx:Ak/BDGsIvNotuwYYlQEojOacE7bzuc

    • Detect PurpleFox Rootkit

      Detect PurpleFox Rootkit.

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

    • Gh0strat family

    • PurpleFox

      PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.

    • Purplefox family

MITRE ATT&CK Enterprise v15

Tasks