General

  • Target

    4f796d84e88afc6fbb94db40ad396e54ae4f9c90189fab78fec42baa56f2141d

  • Size

    3.6MB

  • Sample

    241211-w5lsfstnc1

  • MD5

    baecee8312e9a67ca151513e41ac84bf

  • SHA1

    efebb50a06185ccf23c4a613c92001a1f0f50bf3

  • SHA256

    4f796d84e88afc6fbb94db40ad396e54ae4f9c90189fab78fec42baa56f2141d

  • SHA512

    57cb8683cbe5463c201e3f604ccc020ba61f22ed992a1b59a91076409408dac7f17443f38327a7641c1c5d6c1869031699933033a78d35ef1147188bf85dae0e

  • SSDEEP

    49152:moRLXMJPb7aa1u+ENFAoWo2DqbfQ1rmo6mxQXiDGTMD1TRLjXpWMiI:DpXMJPb1U+EKo2Dqb07BxQXGB3XpWHI

Malware Config

Targets

    • Detect PurpleFox Rootkit

      Detect PurpleFox Rootkit.

    • PurpleFox

      PurpleFox is an exploit kit, first seen in 2018, that is used to distribute other malware families.

    • Purplefox family

    • Drops file in Drivers directory

    • Sets service image path in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks