purplefox | 2b122f85cf860621631b430565495c65134cfb56233f92c8e9a4be509bbcead2 | Triage

Submit
Reports

Overview

overview

Static

static

2b122f85cf...d2.exe

windows7_x64

2b122f85cf...d2.exe

windows10-2004_x64

Sharing

Static task

static1

dropper purplefox

Behavioral task

behavioral1

Sample

2b122f85cf860621631b430565495c65134cfb56233f92c8e9a4be509bbcead2.exe

Resource

win7-en-20211208

purplefox sainbox loader dropper loader rootkit trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

2b122f85cf860621631b430565495c65134cfb56233f92c8e9a4be509bbcead2.exe

Resource

win10v2004-en-20220112

purplefox loader dropper rootkit trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

2b122f85cf860621631b430565495c65134cfb56233f92c8e9a4be509bbcead2
Size

623KB
MD5

1466fa44b8e9be35982e0c248c62248b
SHA1

01ca7fc3bafca3b6362c084a5fa98cce03c4be2f
SHA256

2b122f85cf860621631b430565495c65134cfb56233f92c8e9a4be509bbcead2
SHA512

d0b97c7eabce818b143ccdb87adde6a201e404afe14cb282c109662257db8d0529583ad739eb9e72bba90fe2217fc34a40b37b94b916feaba010ed81eac2a265
SSDEEP

6144:cv/OWR4jmcJJVPjC4heddhDRpUegj5NMHCwbd3IqYZivw1swgjCot:ZWR4lJ7CYedTMegNOiw53HdvwawUCw

Score

10^/10

dropper purplefox

Malware Config

Extracted

Family

purplefox

C2

http://107.151.94.70:4397/77

Signatures

Purplefox family
purplefox

Files

2b122f85cf860621631b430565495c65134cfb56233f92c8e9a4be509bbcead2
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 460KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy