General
-
Target
9fdbe772ad7bc1cd5e25fbd66d657d51175d0833335a3713bc4854341ee50280
-
Size
1.6MB
-
Sample
250105-jje2kazjgq
-
MD5
d2f97aaebbdcf4e67b3800aa16851e1b
-
SHA1
4949b157fbf86111f0a32822274ba14727c3970e
-
SHA256
9fdbe772ad7bc1cd5e25fbd66d657d51175d0833335a3713bc4854341ee50280
-
SHA512
f8d4077dff2716590253f7ca1859f12af42e54c18bcba5369212c9ee1d9edba255bee1672420188aeb09c7a8f2b61114ed59fee73c6d0d8c4adda8c7b7f6ae7c
-
SSDEEP
24576:M1sOeh7E7IJbtEJEHng8wGrQTLq73xaH7pbHOe2:M1sOWFJbtSMXoTLq73xKL2
Malware Config
Targets
-
-
Target
9fdbe772ad7bc1cd5e25fbd66d657d51175d0833335a3713bc4854341ee50280
-
Size
1.6MB
-
MD5
d2f97aaebbdcf4e67b3800aa16851e1b
-
SHA1
4949b157fbf86111f0a32822274ba14727c3970e
-
SHA256
9fdbe772ad7bc1cd5e25fbd66d657d51175d0833335a3713bc4854341ee50280
-
SHA512
f8d4077dff2716590253f7ca1859f12af42e54c18bcba5369212c9ee1d9edba255bee1672420188aeb09c7a8f2b61114ed59fee73c6d0d8c4adda8c7b7f6ae7c
-
SSDEEP
24576:M1sOeh7E7IJbtEJEHng8wGrQTLq73xaH7pbHOe2:M1sOWFJbtSMXoTLq73xKL2
Score10/10-
Detect PurpleFox Rootkit
Detect PurpleFox Rootkit.
-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Gh0strat family
-
PurpleFox
PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.
-
Purplefox family
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-