Overview

overview

10

Static

static

10

2025-04-23...ta.exe

windows10-2004-x64

10

2025-04-23...ta.exe

windows11-21h2-x64

10

Analysis

  • max time kernel
    105s
  • max time network
    141s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250410-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250410-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/04/2025, 11:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2025-04-23_64036e910c2bf873f2b0a7cdabcb7868_black-basta.exe

  • Size

    5.7MB

  • MD5

    64036e910c2bf873f2b0a7cdabcb7868

  • SHA1

    0904deb888714d34577b69b096d1dc0078143252

  • SHA256

    ec73ba13e6fecabeb90346865b5927e056c9db3f244de020e6dd4f058fbfb347

  • SHA512

    674cd4bb7ce69c1ba82c5c0628e9f1d87310eafbbc15199d52b3e83406411a6a529a825c2a74196173764c53cbeb0fa7e0ed35aa8700be83be44fa7f67f910e7

  • SSDEEP

    49152:AI+t28QZOT1/sSBLztH5KaMW9nTYYvtPcdnebRes0Ev873M4o384wydvELqTAKz5:AJh/sSBLztVX7vtUetes6m//aLhCnObk

Score
10/10
purplefoxrootkittrojan

Malware Config

Signatures

  • Detect PurpleFox Rootkit 1 IoCs

    Detect PurpleFox Rootkit.

    rootkit
  • PurpleFox

    PurpleFox is an exploit kit used to distribute other malware families and first seen in 2018.

    rootkittrojanpurplefox
  • Purplefox family
    purplefox
  • Loads dropped DLL 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2025-04-23_64036e910c2bf873f2b0a7cdabcb7868_black-basta.exe
    "C:\Users\Admin\AppData\Local\Temp\2025-04-23_64036e910c2bf873f2b0a7cdabcb7868_black-basta.exe"
    1⤵
    • Loads dropped DLL
    PID:3488

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\DN691C51E267A4C266\HVMRun64.dll
    Filesize

    3.1MB

    MD5

    58ebc5e616543fd4a38c7b5537a41f29

    SHA1

    547852fc7c6e24de8f7cea206b75260fc6c2989c

    SHA256

    19b23cdd835a1bf2dee365a46ece4782c97e30c4b03fd2224c76df0c9c13c24b

    SHA512

    db324323686120eea0e00997a56e821424a7346d781306bee3b710fe862a90888c641d5992ce44d33e53f29bc80d1534ac216983c46eb352fd10f7b446c76a65

    Download Submit

  • memory/3488-0-0x00007FFFBDB43000-0x00007FFFBDB45000-memory.dmp

    Filesize

    8KB

    Download

  • memory/3488-1-0x00000234D4520000-0x00000234D4AD0000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/3488-6-0x00007FFFCCCB0000-0x00007FFFCCDFE000-memory.dmp

    Filesize

    1.3MB

    Download