purplefox | 2122180333641dee3a0ef7b9966ef035dc010e9857867c247517fe4ec8f566cc | Triage

Submit
Reports

Overview

overview

Static

static

2122180333...cc.exe

windows7_x64

2122180333...cc.exe

windows10_x64

Sharing

General

Target

2122180333641dee3a0ef7b9966ef035dc010e9857867c247517fe4ec8f566cc
Size

69KB
Sample

220104-gde39saebq
MD5

ba2b85a44c23769cc557586d9269996d
SHA1

7ec436400772e3a1ee77ac99fb7fdb5679484ce3
SHA256

2122180333641dee3a0ef7b9966ef035dc010e9857867c247517fe4ec8f566cc
SHA512

3032f4e80e69831701e36c72230743e722e886376a526f047b2bd006a4d684f3f8a1c4d7eb8867536ed3a697c19f51ece1bb2c8ccbeda333d2eb38088a187183

Score

10^/10

purplefox loader dropper rootkit suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

2122180333641dee3a0ef7b9966ef035dc010e9857867c247517fe4ec8f566cc.exe

Resource

win7-en-20211208

purplefox loader dropper rootkit suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

2122180333641dee3a0ef7b9966ef035dc010e9857867c247517fe4ec8f566cc.exe

Resource

win10-en-20211208

purplefox loader dropper rootkit suricata trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  2122180333641dee3a0ef7b9966ef035dc010e9857867c247517fe4ec8f566cc
- Size
  
  69KB
- MD5
  
  ba2b85a44c23769cc557586d9269996d
- SHA1
  
  7ec436400772e3a1ee77ac99fb7fdb5679484ce3
- SHA256
  
  2122180333641dee3a0ef7b9966ef035dc010e9857867c247517fe4ec8f566cc
- SHA512
  
  3032f4e80e69831701e36c72230743e722e886376a526f047b2bd006a4d684f3f8a1c4d7eb8867536ed3a697c19f51ece1bb2c8ccbeda333d2eb38088a187183
Score

10^/10

purplefox loader dropper rootkit suricata trojan
- Detect PurpleFox Dropper
  Detect PurpleFox Dropper.
  dropper loader
- Detect PurpleFox Rootkit
  Detect PurpleFox Rootkit.
  rootkit
- PurpleFox
  PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.
  rootkit trojan purplefox
- suricata: ET MALWARE OneLouder EXE download possibly installing Zeus P2P
  suricata: ET MALWARE OneLouder EXE download possibly installing Zeus P2P
  suricata
- suricata: ET MALWARE Probable OneLouder downloader (Zeus P2P) exe download
  suricata: ET MALWARE Probable OneLouder downloader (Zeus P2P) exe download
  suricata
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

purplefox loaderdropperrootkitsuricatatrojan

behavioral2

purplefox loaderdropperrootkitsuricatatrojan

© 2018-2024

Terms | Privacy