purplefox | 24f0bb6cba35e87f01d6ea92761171a535c691ce9225348cb2605760d5b12462 | Triage

Sharing

General

Target

c2e1f22a3443076326f1920cf9923c69
Size

360KB
Sample

220802-z4qlsscgfm
MD5

c2e1f22a3443076326f1920cf9923c69
SHA1

6932c2dfca6c51efefbbb6b7af1af2abd7f6b96a
SHA256

24f0bb6cba35e87f01d6ea92761171a535c691ce9225348cb2605760d5b12462
SHA512

b0e4d3188b933a0822a51396bea3ca28c21a0bfe57ed1d4706e3c4631fec2717be9e180210981aeec086549754c744a7bfcbe57d38ad2bc930708096ba26b7e5

Score

10^/10

purplefox rootkit

Malware Config

Targets

- Target
  
  c2e1f22a3443076326f1920cf9923c69
- Size
  
  360KB
- MD5
  
  c2e1f22a3443076326f1920cf9923c69
- SHA1
  
  6932c2dfca6c51efefbbb6b7af1af2abd7f6b96a
- SHA256
  
  24f0bb6cba35e87f01d6ea92761171a535c691ce9225348cb2605760d5b12462
- SHA512
  
  b0e4d3188b933a0822a51396bea3ca28c21a0bfe57ed1d4706e3c4631fec2717be9e180210981aeec086549754c744a7bfcbe57d38ad2bc930708096ba26b7e5
Score

7^/10
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

rootkitpurplefox

behavioral1

behavioral2