purplefox | a1385947d8529881f8730a3bf1d75ba7eab5f09ad4f67decf82f9e5a065fd6c5 | Triage

Submit
Reports

Overview

overview

Static

static

1

a1385947d8...c5.exe

windows7-x64

a1385947d8...c5.exe

windows10-2004-x64

Sharing

General

Target

a1385947d8529881f8730a3bf1d75ba7eab5f09ad4f67decf82f9e5a065fd6c5
Size

937KB
Sample

230410-seckbafc3z
MD5

ac77b4c692a0cd8e7c9b12669837af41
SHA1

36662c86b7aeef015733171db28b3b9f512b4ab4
SHA256

a1385947d8529881f8730a3bf1d75ba7eab5f09ad4f67decf82f9e5a065fd6c5
SHA512

e36cf6e2704118d2fea050d5f5725ea8cfc9ecc7794389390591b2148b53c7f00afc63214e3d63ed6c42a9411f6b65840d3ecda5099a9bfdefd91b9252ed911d
SSDEEP

24576:tMKhKJqnHBL8Nj3cYR+xHcL/BqZIe4YI2kpTs9vdiBMRX4lR:tEQnHBLg3cYI6L/Brpvg/iOF4lR

Score

10^/10

purplefox rootkit trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

a1385947d8529881f8730a3bf1d75ba7eab5f09ad4f67decf82f9e5a065fd6c5.exe

Resource

win7-20230220-en

purplefox rootkit trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

a1385947d8529881f8730a3bf1d75ba7eab5f09ad4f67decf82f9e5a065fd6c5.exe

Resource

win10v2004-20230220-en

purplefox rootkit trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  a1385947d8529881f8730a3bf1d75ba7eab5f09ad4f67decf82f9e5a065fd6c5
- Size
  
  937KB
- MD5
  
  ac77b4c692a0cd8e7c9b12669837af41
- SHA1
  
  36662c86b7aeef015733171db28b3b9f512b4ab4
- SHA256
  
  a1385947d8529881f8730a3bf1d75ba7eab5f09ad4f67decf82f9e5a065fd6c5
- SHA512
  
  e36cf6e2704118d2fea050d5f5725ea8cfc9ecc7794389390591b2148b53c7f00afc63214e3d63ed6c42a9411f6b65840d3ecda5099a9bfdefd91b9252ed911d
- SSDEEP
  
  24576:tMKhKJqnHBL8Nj3cYR+xHcL/BqZIe4YI2kpTs9vdiBMRX4lR:tEQnHBLg3cYI6L/Brpvg/iOF4lR
Score

10^/10

purplefox rootkit trojan upx
- Detect PurpleFox Rootkit
  Detect PurpleFox Rootkit.
  rootkit
- PurpleFox
  PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.
  rootkit trojan purplefox
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

purplefoxrootkittrojanupx

behavioral2

purplefoxrootkittrojanupx

© 2018-2024

Terms | Privacy