General
-
Target
422c50a86236d9dfc882f5c649917d3af4d3355134a377d245b2fcfc4cdf46ca
-
Size
1.5MB
-
Sample
250118-jgd2gsxqdm
-
MD5
065d1a18bf2a9edb2a21a03741a845d3
-
SHA1
f718da13d9649f6a8710b160e3c3b4a43a54623c
-
SHA256
422c50a86236d9dfc882f5c649917d3af4d3355134a377d245b2fcfc4cdf46ca
-
SHA512
fb2faaf161a24b4039448d878231fdc7b4c5a2c03d36d9854ac421707cf45588144fafdd027a4bcd1c314bba5f491f2d76ceeb24f9b9b4cafa895276ed36a873
-
SSDEEP
24576:uYVLN+uGOyHutimZ9VSly2hVvHW6qMnSbTBBhBMN:RTT3HPkVOBTK
Malware Config
Targets
-
-
Target
422c50a86236d9dfc882f5c649917d3af4d3355134a377d245b2fcfc4cdf46ca
-
Size
1.5MB
-
MD5
065d1a18bf2a9edb2a21a03741a845d3
-
SHA1
f718da13d9649f6a8710b160e3c3b4a43a54623c
-
SHA256
422c50a86236d9dfc882f5c649917d3af4d3355134a377d245b2fcfc4cdf46ca
-
SHA512
fb2faaf161a24b4039448d878231fdc7b4c5a2c03d36d9854ac421707cf45588144fafdd027a4bcd1c314bba5f491f2d76ceeb24f9b9b4cafa895276ed36a873
-
SSDEEP
24576:uYVLN+uGOyHutimZ9VSly2hVvHW6qMnSbTBBhBMN:RTT3HPkVOBTK
Score10/10-
Detect PurpleFox Rootkit
Detect PurpleFox Rootkit.
-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Gh0strat family
-
PurpleFox
PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.
-
Purplefox family
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-