Overview

overview

10

Static

static

a181fab97f...da.exe

windows7-x64

10

a181fab97f...da.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a181fab97fcfa5490838395ae04a41f6e254ad0362e222da50eb45e7b4ad22da

  • Size

    3.8MB

  • Sample

    220911-yj36qafghp

  • MD5

    bdaf5d4a000f4b228a9947bbc54a02b2

  • SHA1

    55c634e32af30aaee69cb577a32dc0d822dde9f7

  • SHA256

    a181fab97fcfa5490838395ae04a41f6e254ad0362e222da50eb45e7b4ad22da

  • SHA512

    65c2b5a0671e85fe63639a95e187eb9f7354dcbbc70e7e6ea4e11d850d8cefd2a2e62b7f10e1eaa81b928395fa47cbc219c6e59ed173f3bd3ff4ae5e4a15dfb0

  • SSDEEP

    98304:a1QjVI10ycazKiEDxjp+7Bln014OiZrq1DfPHNADtV6v+QKTKK4KKDyK5FZ1EEER:aueSazKcBln014O7NADtV6v+

Score
10/10
purplefoxrootkittrojan

Malware Config

Targets

    • Target

      a181fab97fcfa5490838395ae04a41f6e254ad0362e222da50eb45e7b4ad22da

    • Size

      3.8MB

    • MD5

      bdaf5d4a000f4b228a9947bbc54a02b2

    • SHA1

      55c634e32af30aaee69cb577a32dc0d822dde9f7

    • SHA256

      a181fab97fcfa5490838395ae04a41f6e254ad0362e222da50eb45e7b4ad22da

    • SHA512

      65c2b5a0671e85fe63639a95e187eb9f7354dcbbc70e7e6ea4e11d850d8cefd2a2e62b7f10e1eaa81b928395fa47cbc219c6e59ed173f3bd3ff4ae5e4a15dfb0

    • SSDEEP

      98304:a1QjVI10ycazKiEDxjp+7Bln014OiZrq1DfPHNADtV6v+QKTKK4KKDyK5FZ1EEER:aueSazKcBln014O7NADtV6v+

    Score
    10/10
    purplefoxrootkittrojan

    • Detect PurpleFox Rootkit

      Detect PurpleFox Rootkit.

      rootkit

    • PurpleFox

      PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.

      rootkittrojanpurplefox

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks