General
-
Target
16ffa6fd3f16370b267266920dd108ab80077f58269f1b793bb6d97d618aefa4
-
Size
491KB
-
Sample
250423-ylrwgaspw7
-
MD5
687c0c12bf3635877c3b00289335e732
-
SHA1
8c6d1871031b877a93ee83dcdbc8984fc79467a9
-
SHA256
16ffa6fd3f16370b267266920dd108ab80077f58269f1b793bb6d97d618aefa4
-
SHA512
a95bd620d9231bd0c782e89f211f7e34945cf4c5073c8fce794f20751bc07cb489d74285be48016fc63c76f960c6fea3b74f7f9e15972855321bc91f765249f9
-
SSDEEP
6144:GpoMkequERu8qQ1fjYMMW9eKZH+IdISTUL24qL9cPKcPzR2R06lZv:oDR+u8pfjYMMWNvdhUSByFPzyv
Malware Config
Targets
-
-
Target
16ffa6fd3f16370b267266920dd108ab80077f58269f1b793bb6d97d618aefa4
-
Size
491KB
-
MD5
687c0c12bf3635877c3b00289335e732
-
SHA1
8c6d1871031b877a93ee83dcdbc8984fc79467a9
-
SHA256
16ffa6fd3f16370b267266920dd108ab80077f58269f1b793bb6d97d618aefa4
-
SHA512
a95bd620d9231bd0c782e89f211f7e34945cf4c5073c8fce794f20751bc07cb489d74285be48016fc63c76f960c6fea3b74f7f9e15972855321bc91f765249f9
-
SSDEEP
6144:GpoMkequERu8qQ1fjYMMW9eKZH+IdISTUL24qL9cPKcPzR2R06lZv:oDR+u8pfjYMMWNvdhUSByFPzyv
Score10/10-
Detect PurpleFox Rootkit
Detect PurpleFox Rootkit.
-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Gh0strat family
-
PurpleFox
PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.
-
Purplefox family
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-