purplefox | 0a970e58599c403de3ef186fff03565913e47b5c22f9bdf55b84a9f497b10520 | Triage

Sharing

General

Target

2e0ecb2f.exe
Size

1.4MB
Sample

221005-q4ae5sefhr
MD5

f725bab929df4fe2626849ba269b7fcb
SHA1

907fe41722644b3dd6851766cc2a70c1d2b28434
SHA256

0a970e58599c403de3ef186fff03565913e47b5c22f9bdf55b84a9f497b10520
SHA512

1e09187e521e91cd34772af31ea83e873024fcb22bbe7bd438a29a6a437773be43b28d68928af09917dc32755bacfced923748380ec05a0485cfe1609acac213
SSDEEP

24576:y0uDXX4HK04BMeRocDP1Nc076i9aJjgDyk7TS4MclFdBbfYNn+Nnnm6ByMEUT:y9XIri5ood7FEJ8O6FlFdB0N+Nnnm6U4

Score

10^/10

purplefox rootkit

Malware Config

Targets

- Target
  
  2e0ecb2f.exe
- Size
  
  1.4MB
- MD5
  
  f725bab929df4fe2626849ba269b7fcb
- SHA1
  
  907fe41722644b3dd6851766cc2a70c1d2b28434
- SHA256
  
  0a970e58599c403de3ef186fff03565913e47b5c22f9bdf55b84a9f497b10520
- SHA512
  
  1e09187e521e91cd34772af31ea83e873024fcb22bbe7bd438a29a6a437773be43b28d68928af09917dc32755bacfced923748380ec05a0485cfe1609acac213
- SSDEEP
  
  24576:y0uDXX4HK04BMeRocDP1Nc076i9aJjgDyk7TS4MclFdBbfYNn+Nnnm6ByMEUT:y9XIri5ood7FEJ8O6FlFdB0N+Nnnm6U4
Score

7^/10
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

rootkitpurplefox

behavioral1

behavioral2

behavioral3