c1dec40348f597fdcbd4fcdcd6ddc12225f55d05e5194070622bc0e0cabec143 | Triage

Submit
Reports

Overview

overview

Static

static

PurpleKnight.exe

windows7-x64

PurpleKnight.exe

windows10-2004-x64

Sharing

General

Target

PurpleKnight.exe.zip
Size

95.4MB
Sample

230113-ps2jtace8w
MD5

ae6085f9f1b9add89e333e475e033134
SHA1

9c03ba5aafd559d8b4041fd3e977aa2238bec8ee
SHA256

c1dec40348f597fdcbd4fcdcd6ddc12225f55d05e5194070622bc0e0cabec143
SHA512

9896ad3eff44db58e0cc3a5cc1e0a1a1bc44617b6463574daefdd1fa3e359781ed17b0251f61f32774b717a2e80a11fdf83ee861c926a5c822933834aa59d80f
SSDEEP

1572864:CiFZToRPe1RbDkB0vbd9oRa/1qbw51GqZQ1GC9PFNXz+LiVnH72rd7YR/rGpuZ1A:CGqR+HkB0rvf6GoPF9zRJH72E/rSU1MR

Score

10^/10

coreentity

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

PurpleKnight.exe

Resource

win7-20221111-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

PurpleKnight.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  PurpleKnight.exe
- Size
  
  100.4MB
- MD5
  
  8c1579ee5fa7549a53180c3fe0cf2b91
- SHA1
  
  bb010d17cdd7b6ca6c99fd0b17ab11af94360595
- SHA256
  
  8b9e8326f25cfd8d1b9de0837232813216fc772523d102d43f1a1ed1ee1406fe
- SHA512
  
  38e3a46a94ae3449b1c07426e5a64bb6e48c18b509e52031945e5e20ae3b5f740b115c464114431357bf724d4fbb22512367499bf1867c3e4941c39a4c97a7a5
- SSDEEP
  
  3145728:sdPoQQ6ZLU91RWdeBzdnx2eU+vREzg2XhGjh:sdPox11D9Uz8P
Score

10^/10

coreentity
- CoreEntity .NET Packer
  A .NET packer called CoreEntity where it has embedded the payload as a BitMap object which is later decrypted.
  coreentity
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy