General
-
Target
a853b17061786737988e904c7cca3c808f5a74ea3bb6d9c624ae71bd08ea40ad
-
Size
1.6MB
-
Sample
230307-kh3a5sgg5w
-
MD5
613e88c53caec3d1307e263510eb475e
-
SHA1
929ce0fc7af3f7df27d3aaa59949fa9ee91b8497
-
SHA256
a853b17061786737988e904c7cca3c808f5a74ea3bb6d9c624ae71bd08ea40ad
-
SHA512
ef9747373755c997fd388293418d42bc9425320505d747c299621d638e5de702fa0240a6903ec4ade6dbc93efe399daaac0c99737ddd4e51a6a7764f7d9d7120
-
SSDEEP
24576:GPzahsCGOVdfcp8LsR3qiWXk5hZ7DCkxdmpmkh60FY5MesoRGM27:GPOrVdmlZ3CqcpTqMeXGM27
Malware Config
Targets
-
-
Target
a853b17061786737988e904c7cca3c808f5a74ea3bb6d9c624ae71bd08ea40ad
-
Size
1.6MB
-
MD5
613e88c53caec3d1307e263510eb475e
-
SHA1
929ce0fc7af3f7df27d3aaa59949fa9ee91b8497
-
SHA256
a853b17061786737988e904c7cca3c808f5a74ea3bb6d9c624ae71bd08ea40ad
-
SHA512
ef9747373755c997fd388293418d42bc9425320505d747c299621d638e5de702fa0240a6903ec4ade6dbc93efe399daaac0c99737ddd4e51a6a7764f7d9d7120
-
SSDEEP
24576:GPzahsCGOVdfcp8LsR3qiWXk5hZ7DCkxdmpmkh60FY5MesoRGM27:GPOrVdmlZ3CqcpTqMeXGM27
Score10/10-
Detect PurpleFox Rootkit
Detect PurpleFox Rootkit.
-
PurpleFox
PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-