Overview

overview

10

Static

static

Acwpn.exe

windows7-x64

10

Acwpn.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Acwpn.exe

  • Size

    7KB

  • Sample

    230201-rt6w2abh9x

  • MD5

    5828f5213c4721e4118b3e57388ff2a5

  • SHA1

    6737cd48c485ed00f64d56f2996cb0a4b3e16db8

  • SHA256

    1c1198c6de9cf636d4dc103add73a59ba3101ae38954f20f0ec6ed9b8c563dbd

  • SHA512

    e90cc6a7debeb334a5569f0a69c3b1ef16d8a1b43ef3decc10bff8ae0e510e3e4d3ae8ca838fd4bc090aaece07c6ae0ab5a38f27aaff86e17e322b3e290cf428

  • SSDEEP

    96:wUUIQg0soU3QSQKCJdsYB3TtmXdtEkdpBxNbFnU:wUUIPDQdsYF0tzbHk

Score
10/10
purecryptercollectiondownloaderloader

Malware Config

Targets

    • Target

      Acwpn.exe

    • Size

      7KB

    • MD5

      5828f5213c4721e4118b3e57388ff2a5

    • SHA1

      6737cd48c485ed00f64d56f2996cb0a4b3e16db8

    • SHA256

      1c1198c6de9cf636d4dc103add73a59ba3101ae38954f20f0ec6ed9b8c563dbd

    • SHA512

      e90cc6a7debeb334a5569f0a69c3b1ef16d8a1b43ef3decc10bff8ae0e510e3e4d3ae8ca838fd4bc090aaece07c6ae0ab5a38f27aaff86e17e322b3e290cf428

    • SSDEEP

      96:wUUIQg0soU3QSQKCJdsYB3TtmXdtEkdpBxNbFnU:wUUIPDQdsYF0tzbHk

    Score
    10/10
    purecryptercollectiondownloaderloader

    • Detect PureCrypter injector

      loader

    • PureCrypter

      PureCrypter is a .NET malware loader first seen in early 2021.

      loaderdownloaderpurecrypter

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Accesses Microsoft Outlook profiles

      collection

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks