General
-
Target
e453ee4e1a1a3c97ebab67171893ae7f.exe
-
Size
2.4MB
-
Sample
230201-te3beacd7z
-
MD5
e453ee4e1a1a3c97ebab67171893ae7f
-
SHA1
b4c24de8784bb530d549ed1df3716f2640e52d79
-
SHA256
f33f2b0823a6b41f1632f5d19ebe4d144375781702b3f7b544c6321937f28161
-
SHA512
d90c6a7b92779478082592af1ff6b378dca8f6469c6a38f4445938ee3b82123a8c578e07392a0f767f76712fa158a9d57988adb4723baccf48724a47fe0921de
-
SSDEEP
49152:bRPs+XkKb9mSewZPhGDcUovKdd+hHHafaQG0:dPD/tFKdd+ZafaZ0
Static task
static1
Behavioral task
behavioral1
Sample
e453ee4e1a1a3c97ebab67171893ae7f.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
e453ee4e1a1a3c97ebab67171893ae7f.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
e453ee4e1a1a3c97ebab67171893ae7f.exe
-
Detect PureCrypter injector
-
PureCrypter
PureCrypter is a .NET malware loader first seen in early 2021.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-