General

  • Target

    68b762f0dd39c9491db7eb3aac8c9995389c0ff4e85402cf6f6007b6ec36b904

  • Size

    3.5MB

  • Sample

    220911-yj36qafghq

  • MD5

    3950568f813459819dc5164aa1b883e0

  • SHA1

    30115da54387be1808dc4c4e0ce9eda88e470668

  • SHA256

    68b762f0dd39c9491db7eb3aac8c9995389c0ff4e85402cf6f6007b6ec36b904

  • SHA512

    b80e8270fc15eb282b85fc5a6d9df8fff9c58e610dbe6d335e35d259065764051b008a55485f1620dc05415d7c559df463595461f109f14e00e8c9dfd1fc72a8

  • SSDEEP

    98304:Emyef25hrekAhGaGt3XgaHXN2Nu4OiZrq1DfPHNADtV6v+2bl:N9fcqxyXN2Nu4O7NADtV6v+2Z
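Before relying on the verdicts below, confirm that a locally held copy is the same file the sandbox analysed. The following is an added example, not code from the report or the sandbox: it recomputes the four digests listed above in one streaming pass and reports every mismatch. The file path handling and the sample bytes fed to it are assumptions for illustration; ssdeep is omitted because it is not in the Python standard library.

```python
import hashlib
import sys

# Digests copied from the General section of the report (the analysed sample).
REPORT_DIGESTS = {
    "md5": "3950568f813459819dc5164aa1b883e0",
    "sha1": "30115da54387be1808dc4c4e0ce9eda88e470668",
    "sha256": "68b762f0dd39c9491db7eb3aac8c9995389c0ff4e85402cf6f6007b6ec36b904",
    "sha512": "b80e8270fc15eb282b85fc5a6d9df8fff9c58e610dbe6d335e35d259065764051"
              "b008a55485f1620dc05415d7c559df463595461f109f14e00e8c9dfd1fc72a8",
}


def _new_hashers() -> dict:
    """One hasher per algorithm named in the report, so the file is read only once."""
    return {name: hashlib.new(name) for name in REPORT_DIGESTS}


def compute_digests(data: bytes) -> dict:
    """Return lowercase hex MD5/SHA1/SHA256/SHA512 of an in-memory byte string."""
    hashers = _new_hashers()
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Stream a file through all four hashers in 1 MiB chunks (the sample is ~3.5 MB,
    but the same code handles multi-GB files without loading them into memory)."""
    hashers = _new_hashers()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare_with_report(actual: dict, expected: dict = REPORT_DIGESTS) -> dict:
    """Return {algorithm: (expected, actual)} for every digest that differs.
    An empty dict means the local file is byte-for-byte the reported sample;
    a partial mismatch (e.g. only md5 differs) points at a typo in the copied
    value rather than a different file, since the four hashes are independent."""
    return {
        name: (expected[name], actual.get(name))
        for name in expected
        if (actual.get(name) or "").lower() != expected[name].lower()
    }


if __name__ == "__main__":
    # Usage (assumed): python verify_sample.py /path/to/local/copy
    if len(sys.argv) != 2:
        sys.exit("usage: verify_sample.py <file>")
    diffs = compare_with_report(digest_file(sys.argv[1]))
    if not diffs:
        print("all four digests match the report")
    else:
        for algo, (want, got) in diffs.items():
            print(f"{algo}: report={want} local={got}")
        sys.exit(1)
```

A single matching digest is enough to identify the file; computing all four is useful when only one value was copied out of a ticket or e-mail and may have been mangled in transit.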

Malware Config

Targets

    • Target

      68b762f0dd39c9491db7eb3aac8c9995389c0ff4e85402cf6f6007b6ec36b904

    • Detect PurpleFox Rootkit

      Detect PurpleFox Rootkit.

    • PurpleFox

PurpleFox is a rootkit-equipped malware family first seen in 2018; its operators distribute it, and other malware families, through an exploit kit that carries the same name.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
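The drive-enumeration signature above fires on root-path reads of drives other than C:. As an added example, not part of the report or the sandbox's own rule set, the detector below runs that logic over a constructed file-access log: it keeps only events whose path is exactly a drive root, discards the default drive, and groups the rest per process. The log format (`pid= proc= api= path=` per line) and the process names in it are assumptions.

```python
import re
from collections import defaultdict

# Constructed sandbox-style file-access events (not taken from the report).
# Process 4312 touches the roots of D: and E:; 7788 opens a file under D:\ but
# never the root itself, and 1234 only reads from the default C: drive.
SAMPLE_LOG = r"""
pid=1234 proc=svchost.exe api=NtCreateFile path=C:\Windows\System32\kernel32.dll
pid=4312 proc=setup.exe api=NtCreateFile path=C:\Users\Public\dropped.exe
pid=4312 proc=setup.exe api=NtQueryDirectoryFile path=D:\
pid=4312 proc=setup.exe api=NtQueryDirectoryFile path=E:\
pid=4312 proc=setup.exe api=NtCreateFile path=E:\
pid=7788 proc=explorer.exe api=NtCreateFile path=D:\docs\a.txt
"""

# Hypothetical log line layout: "pid=<n> proc=<name> api=<call> path=<path>"
LINE_RE = re.compile(r"pid=(?P<pid>\d+)\s+proc=(?P<proc>\S+)\s+api=(?P<api>\S+)\s+path=(?P<path>.+)$")
# A drive root and nothing more: "D:" or "D:\" (case-insensitive letter).
ROOT_RE = re.compile(r"^(?P<drive>[A-Za-z]):\\?$")


def parse_events(log: str):
    """Yield one dict per well-formed log line; malformed lines are skipped."""
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield m.groupdict()


def find_drive_enumeration(log: str, default_drive: str = "C", min_drives: int = 1) -> dict:
    """Map pid -> sorted list of non-default drive letters whose root path the
    process accessed. Processes touching fewer than min_drives roots are dropped,
    which lets the caller demand D: *and* E: before calling it enumeration."""
    roots = defaultdict(set)
    for ev in parse_events(log):
        m = ROOT_RE.match(ev["path"])
        if m and m.group("drive").upper() != default_drive.upper():
            roots[int(ev["pid"])].add(m.group("drive").upper())
    return {pid: sorted(drives) for pid, drives in roots.items() if len(drives) >= min_drives}


if __name__ == "__main__":
    for pid, drives in find_drive_enumeration(SAMPLE_LOG).items():
        print(f"pid {pid} read root of drives: {', '.join(drives)}")
```

On its own this is a low-confidence discovery indicator (T1120): installers, backup agents and shell extensions enumerate drives too. It earns weight here only because the same sample also trips the PurpleFox rootkit signature.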

MITRE ATT&CK Matrix (ATT&CK v6)

Tactic     | Technique                     | ID    | Count
-----------|-------------------------------|-------|------
Discovery  | Query Registry                | T1012 | 2
Discovery  | Peripheral Device Discovery   | T1120 | 1
Discovery  | System Information Discovery  | T1082 | 2

Tasks