Overview

overview

10

Static

static

10

9D8AA271.msi

windows7-x64

7

9D8AA271.msi

windows10-2004-x64

7

Resubmissions

23-02-2023 09:14

230223-k7fhnsfd53 10

23-02-2023 09:11

230223-k53v7afd47 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9D8AA271.Png

  • Size

    1.4MB

  • Sample

    230223-k7fhnsfd53

  • MD5

    7a72d5e6044805ea4d2f37bdbdc0ab2d

  • SHA1

    9b54a2d8ee1ead6bf053f0aaf724e4d44e1de8ae

  • SHA256

    34159049a92a5849bc9c11bd8ed4411aa5f5ecac4a80ddc2cc9f5df22980c1ec

  • SHA512

    f100069fe104f7bb9154247f26e130d739eeb4e834ef6e801901bb489847c6791c5ec53f9160de3f8295483d52004890b79af27a4057f5c2d7d9eb4d9ceb0ff9

  • SSDEEP

    24576:KUuDXXNGj04BMeRocDP1Nz4lDhkPTG4Mcgiwkew8vroUQGDXDNSnf6BlMRUT:KdXdJi5oo+FeBRSw8vlQIzNSnf6y4

Score
10/10
purplefoxrootkit

Malware Config

Targets

    • Target

      9D8AA271.Png

    • Size

      1.4MB

    • MD5

      7a72d5e6044805ea4d2f37bdbdc0ab2d

    • SHA1

      9b54a2d8ee1ead6bf053f0aaf724e4d44e1de8ae

    • SHA256

      34159049a92a5849bc9c11bd8ed4411aa5f5ecac4a80ddc2cc9f5df22980c1ec

    • SHA512

      f100069fe104f7bb9154247f26e130d739eeb4e834ef6e801901bb489847c6791c5ec53f9160de3f8295483d52004890b79af27a4057f5c2d7d9eb4d9ceb0ff9

    • SSDEEP

      24576:KUuDXXNGj04BMeRocDP1Nz4lDhkPTG4Mcgiwkew8vroUQGDXDNSnf6BlMRUT:KdXdJi5oo+FeBRSw8vlQIzNSnf6y4

    Score
    7/10

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks