purplefox | b57002f28c58303d836bd8c28e2e8b8bcfafc14dffb3f7a76c1c4b6cdbe6d5d0 | Triage

Submit
Reports

Overview

overview

Static

static

3EBCE3A4.msi

windows10-2004-x64

Resubmissions

09-09-2022 09:03

220909-kz93baggh8 10

09-09-2022 08:59

220909-kx3v8adghm 10

Sharing

General

Target

3EBCE3A4.Png
Size

1.4MB
Sample

220909-kx3v8adghm
MD5

63fc5924bf1c4efbca75ce4cbe41a8e1
SHA1

e13f3b407871287c40965251046c778660a27fc5
SHA256

b57002f28c58303d836bd8c28e2e8b8bcfafc14dffb3f7a76c1c4b6cdbe6d5d0
SHA512

2f6252807515a1e7fd5caea6a8d589dd5d4ff18a93af4eb5221537096775fd669fc748478c33bdec3dd1408f7d2195c6d83fd9d044d68cb30f5c80b08acedf6a
SSDEEP

24576:hWuDXX4zG04BMeRocDP1NOYRn4nJjgDyk7TS4MclFdBbfYNn+Nnnm6ByMEUT:h7XIzi5ooRqJ8O6FlFdB0N+Nnnm6U4

Score

10^/10

purplefox rootkit

Static task

static1

rootkit purplefox

2 signatures

Behavioral task

behavioral1

Sample

3EBCE3A4.msi

Resource

win10v2004-20220812-en

windows10-2004-x64

9 signatures

1200 seconds

Malware Config

Targets

- Target
  
  3EBCE3A4.Png
- Size
  
  1.4MB
- MD5
  
  63fc5924bf1c4efbca75ce4cbe41a8e1
- SHA1
  
  e13f3b407871287c40965251046c778660a27fc5
- SHA256
  
  b57002f28c58303d836bd8c28e2e8b8bcfafc14dffb3f7a76c1c4b6cdbe6d5d0
- SHA512
  
  2f6252807515a1e7fd5caea6a8d589dd5d4ff18a93af4eb5221537096775fd669fc748478c33bdec3dd1408f7d2195c6d83fd9d044d68cb30f5c80b08acedf6a
- SSDEEP
  
  24576:hWuDXX4zG04BMeRocDP1NOYRn4nJjgDyk7TS4MclFdBbfYNn+Nnnm6ByMEUT:h7XIzi5ooRqJ8O6FlFdB0N+Nnnm6U4
Score

7^/10
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

rootkitpurplefox

behavioral1

© 2018-2024

Terms | Privacy