purplefox | 2371a00ddd8b0a220b818aaed2cfa0a7453a35662579005113445e686ae23216 | Triage

Submit
Reports

Overview

overview

Static

static

3EBCE3A4.msi

windows10-2004-x64

Sharing

General

Target

3EBCE3A4.Png
Size

1.4MB
Sample

220914-pvjrsaeaer
MD5

808c722e8a8c165b817196f050f70d39
SHA1

104c7633f2320b8d1385132a36e36a24536309e4
SHA256

2371a00ddd8b0a220b818aaed2cfa0a7453a35662579005113445e686ae23216
SHA512

8849ab9196bbf51c039174da290c47027c72e333ed2dcf51b256a6a1f8a620f220c8f4273f84c3f6583efe39870b9d163e5d1c9c3830a7db4313a18cf6e1080b
SSDEEP

24576:iWuDXX4QP04BMeRocDP1NOYRn4nJjgDyk7TS4MclFdBbfYNn+Nnnm6ByMEUT:i7XIfi5ooRqJ8O6FlFdB0N+Nnnm6U4

Score

10^/10

purplefox rootkit

Static task

static1

rootkit purplefox

2 signatures

Behavioral task

behavioral1

Sample

3EBCE3A4.msi

Resource

win10v2004-20220901-en

windows10-2004-x64

9 signatures

600 seconds

Malware Config

Targets

- Target
  
  3EBCE3A4.Png
- Size
  
  1.4MB
- MD5
  
  808c722e8a8c165b817196f050f70d39
- SHA1
  
  104c7633f2320b8d1385132a36e36a24536309e4
- SHA256
  
  2371a00ddd8b0a220b818aaed2cfa0a7453a35662579005113445e686ae23216
- SHA512
  
  8849ab9196bbf51c039174da290c47027c72e333ed2dcf51b256a6a1f8a620f220c8f4273f84c3f6583efe39870b9d163e5d1c9c3830a7db4313a18cf6e1080b
- SSDEEP
  
  24576:iWuDXX4QP04BMeRocDP1NOYRn4nJjgDyk7TS4MclFdBbfYNn+Nnnm6ByMEUT:i7XIfi5ooRqJ8O6FlFdB0N+Nnnm6U4
Score

7^/10
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

rootkitpurplefox

behavioral1

© 2018-2024

Terms | Privacy