General
-
Target
deflated-unityinstaller.exe
-
Size
278KB
-
Sample
230127-cq4vyahf3t
-
MD5
fb48937c11f4bda57dad5c55bb7bcc0e
-
SHA1
e559b23402f70d80b7f26b37c965a4ef17d9c2d4
-
SHA256
c89c19f79b2fdf5a50b4f152327956504b80758552625d4d9562dc66e14b90df
-
SHA512
f58403183ea9bb119411559aa186395440015255e74c0126bd242e2db63b4537eef5a4581754f22a84f47d233655d46c1fbebe5c273c15d030506641f8bcb999
-
SSDEEP
3072:ecssB5G0w2Zoh30PMgXTmQrV9XqH8NiqpytGSdfD:enYZC30PwQh9Lr+
Malware Config
Targets
-
-
Target
deflated-unityinstaller.exe
-
Size
278KB
-
MD5
fb48937c11f4bda57dad5c55bb7bcc0e
-
SHA1
e559b23402f70d80b7f26b37c965a4ef17d9c2d4
-
SHA256
c89c19f79b2fdf5a50b4f152327956504b80758552625d4d9562dc66e14b90df
-
SHA512
f58403183ea9bb119411559aa186395440015255e74c0126bd242e2db63b4537eef5a4581754f22a84f47d233655d46c1fbebe5c273c15d030506641f8bcb999
-
SSDEEP
3072:ecssB5G0w2Zoh30PMgXTmQrV9XqH8NiqpytGSdfD:enYZC30PwQh9Lr+
Score10/10-
Detect PureCrypter injector
-
PureCrypter
PureCrypter is a .NET malware loader first seen in early 2021.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-