Analysis
max time kernel
158s
max time network
170s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags
arch:x64 arch:x86 image:win10v2004-20221111-en locale:en-us os:windows10-2004-x64 system
submitted
16/01/2023, 09:23
Static task
static1
Behavioral task
behavioral1
Sample
Scan001.exe
Resource
win7-20220901-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
Scan001.exe
Resource
win10v2004-20221111-en
2 signatures
150 seconds
General
Target
Scan001.exe
Size
11.0MB
MD5
ba427361ea9b3883c9d62def5f0515d6
SHA1
cfbc16035d1aa90cfb6cd670ff9b0cc297b5909d
SHA256
0e913a8531cae1910c2c23ac669bcd7764eeac2301113fadc750b9d66b39ba49
SHA512
9021851f9e315564fcb6e8e7ac1d8ce5875a4138d10c0047843723e5f6d754a54d23bd7284d6618efa77a88e628233c8004696f4728f0adf0ce10c42881315b9
SSDEEP
192:8omYdUCaLe0qqITxLxBLfmf7bWLAIL9CH+W83:JRoBGxLxBLuf7bWLAIL90+Wc
Score
10/10
Malware Config
Extracted
Family
purecrypter
C2
https://espurity.tk/SystemEnv/uploads/newsoftware-update_Pltnacof.bmp
Signatures
PureCrypter
PureCrypter is a .NET malware loader first seen in early 2021.
Suspicious use of AdjustPrivilegeToken
1 IoCs
description    pid    process
Token: SeDebugPrivilege    4840    Scan001.exe