General
-
Target
6326154926aa8bea1f8e30f9fa6fed4763fa3a0eda7d8997a394bc52fec40139
-
Size
491KB
-
Sample
241218-f1vxkawmel
-
MD5
0f716594d847a3feae8af0197914d987
-
SHA1
c8e9a517aa37365904c5dc38510290503d5fd4de
-
SHA256
6326154926aa8bea1f8e30f9fa6fed4763fa3a0eda7d8997a394bc52fec40139
-
SHA512
7297079e45be13a39ce40cbf20b04a3d4cf6cb34e8cdf26b2ada7e494bb4e612009427029bc5409dd8bc30dde6ada4e9dbb9cbd2e4774b84c134a1c21d51cdb7
-
SSDEEP
6144:GpoMkequERu8qQ1fjYMMW9eKZH+IdISTUL24qL9cPKcPzR2RZ6lZv:oDR+u8pfjYMMWNvdhUSByFPzXv
Malware Config
Targets
-
-
Target
6326154926aa8bea1f8e30f9fa6fed4763fa3a0eda7d8997a394bc52fec40139
-
Size
491KB
-
MD5
0f716594d847a3feae8af0197914d987
-
SHA1
c8e9a517aa37365904c5dc38510290503d5fd4de
-
SHA256
6326154926aa8bea1f8e30f9fa6fed4763fa3a0eda7d8997a394bc52fec40139
-
SHA512
7297079e45be13a39ce40cbf20b04a3d4cf6cb34e8cdf26b2ada7e494bb4e612009427029bc5409dd8bc30dde6ada4e9dbb9cbd2e4774b84c134a1c21d51cdb7
-
SSDEEP
6144:GpoMkequERu8qQ1fjYMMW9eKZH+IdISTUL24qL9cPKcPzR2RZ6lZv:oDR+u8pfjYMMWNvdhUSByFPzXv
Score10/10-
Detect PurpleFox Rootkit
Detect PurpleFox Rootkit.
-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Gh0strat family
-
PurpleFox
PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.
-
Purplefox family
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-