General

  • Target

    ba0aab7261f5ebf0c27fa36f4dd2f9352b75fb844c049c6afeb5bb3540313bc5

  • Size

    3.0MB

  • Sample

    241003-rg5hfasfqb

  • MD5

    46010dc3c63693bd13321068b79ea4ec

  • SHA1

    96f19f777f3de11323540396bd2120f4cb6cb4ee

  • SHA256

    ba0aab7261f5ebf0c27fa36f4dd2f9352b75fb844c049c6afeb5bb3540313bc5

  • SHA512

    3d7a4b8ff51e3aad6d7c53c8dae7f26c77970629efea03f723256065e0f12cf2141814f1b92d96a71b4d887bc12a4c3719edf954914a0b88d52f88faab09395e

  • SSDEEP

    49152:8i38LAQX1am6fnVlG4S3oec27uB48ROuiQzVnYixYLR686UYVEQDpwwNZ:+b6fnVlG4SYMaXzxmLjHg

Malware Config

Targets

    • Detect PurpleFox Rootkit

      Detect PurpleFox Rootkit.

    • PurpleFox

      PurpleFox is an exploit kit, first seen in 2018, that is used to distribute other malware families.

    • Drops file in Drivers directory

    • Sets service image path in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks