General
-
Target
f0a3884252d20ae26d34a40eb5cf36d9a23e67b97483b6d629ed2af9c14bc15c
-
Size
171KB
-
Sample
230128-1z76qaab7y
-
MD5
b03be47e520c23653d2a5a66739fc4ec
-
SHA1
b89f4fa4580940423eae86a9c55153be53aa7f3b
-
SHA256
f0a3884252d20ae26d34a40eb5cf36d9a23e67b97483b6d629ed2af9c14bc15c
-
SHA512
ee447840ce138bb0a0abcb95183dc1d5a66ff97e2b6152a85cdc69117590b3f491176c779d33ce209aa8bd650268f604d11f7238d7389b5256d2fa114809aa10
-
SSDEEP
1536:Od5c9URWzKr7PhuuUpV7+5JTiy95UuUCQahsf5mZIWiwwr7QXsouW2ASDDA6rRct:Od5pWaxa7Dy956S2j4xnsvXtPdSaex
Behavioral task
behavioral1
Sample
f0a3884252d20ae26d34a40eb5cf36d9a23e67b97483b6d629ed2af9c14bc15c.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
purecrypter
http://185.106.94.146/Kmhyc.png
Targets
-
Score
10/10
-
PureCrypter
PureCrypter is a .NET malware loader first seen in early 2021.
-
XMRig Miner payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of SetThreadContext
-