General
-
Target
0cb5c8e6987f74a213353851dc12b7b3a08130fd5ebb18f4455c659e8f46442f
-
Size
491KB
-
Sample
241225-fa82haylep
-
MD5
77b621c8ae246da4619c8315c6996576
-
SHA1
43b19a006a6e8c864b33f63604c3d5b94b26a410
-
SHA256
0cb5c8e6987f74a213353851dc12b7b3a08130fd5ebb18f4455c659e8f46442f
-
SHA512
a28bdb4b08c732558e97c6efc71a32d2e7681d770c68eacc78e2dace03f78e2dbf4abfaa66d1b2e0e69cefe05955d7a2cbffb88dbad3957e48d63d68af4f0f46
-
SSDEEP
6144:GpoMkequERu8qQ1fjYMMW9eKZH+IdISTUL24qL9cPKcPzR2RD6lZv:oDR+u8pfjYMMWNvdhUSByFPzdv
Malware Config
Targets
-
-
Target
0cb5c8e6987f74a213353851dc12b7b3a08130fd5ebb18f4455c659e8f46442f
-
Size
491KB
-
MD5
77b621c8ae246da4619c8315c6996576
-
SHA1
43b19a006a6e8c864b33f63604c3d5b94b26a410
-
SHA256
0cb5c8e6987f74a213353851dc12b7b3a08130fd5ebb18f4455c659e8f46442f
-
SHA512
a28bdb4b08c732558e97c6efc71a32d2e7681d770c68eacc78e2dace03f78e2dbf4abfaa66d1b2e0e69cefe05955d7a2cbffb88dbad3957e48d63d68af4f0f46
-
SSDEEP
6144:GpoMkequERu8qQ1fjYMMW9eKZH+IdISTUL24qL9cPKcPzR2RD6lZv:oDR+u8pfjYMMWNvdhUSByFPzdv
Score10/10-
Detect PurpleFox Rootkit
Detect PurpleFox Rootkit.
-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Gh0strat family
-
PurpleFox
PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.
-
Purplefox family
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-