General

  • Target

    c716e31dfc90e490989ef03a8ef425c96f90d17f9c0c21001a5bafdfa558b3f8

  • Size

    3.4MB

  • Sample

    220911-zrbxwacbf7

  • MD5

    3c3397dad0b0cd89d4345d04175e71d5

  • SHA1

    5e6cb3548f50afe87e15d614724b1d9fdf147162

  • SHA256

    c716e31dfc90e490989ef03a8ef425c96f90d17f9c0c21001a5bafdfa558b3f8

  • SHA512

    5205eb5ce61ef613b3f3c12c2fc23ff2b22792b6fcd37fbda924e1a3bed508326cb275d864bbbe7266909927f57b279ff84a16930f502a9b1b2b7edfc18dc167

  • SSDEEP

    98304:cmyef25hrekAhGaGt3XgaHXN2N54OiZrq1DfPHNADtV6v+Ll:V9fcqxyXN2N54O7NADtV6v+J

Malware Config

Targets

    • Detect PurpleFox Rootkit

      Detect PurpleFox Rootkit.

    • PurpleFox

      PurpleFox is an exploit kit, first seen in 2018, that is used to distribute other malware families.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix ATT&CK v6

Discovery

  • Query Registry: T1012 (2)

  • Peripheral Device Discovery: T1120 (1)

  • System Information Discovery: T1082 (2)

Tasks