Malware Analysis Report

2024-11-30 21:56

Sample ID 230206-l8hvvsgf61
Target b0f795a3e55c48f038e4a5d31cd77171.bin
SHA256 cfe2b3c7dc80de2c3eaa70e0350ad45ec4f99cdb16b7511ea04986cd990fab9d
Tags
loader purecrypter
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

cfe2b3c7dc80de2c3eaa70e0350ad45ec4f99cdb16b7511ea04986cd990fab9d

Threat Level: Known bad

The file b0f795a3e55c48f038e4a5d31cd77171.bin was found to be: Known bad.

Malicious Activity Summary

loader purecrypter

Purecrypter family

Detect PureCrypter injector

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2023-02-06 10:12

Signatures

Detect PureCrypter injector

loader
Description Indicator Process Target
N/A N/A N/A N/A

Purecrypter family

purecrypter

Analysis: behavioral1

Detonation Overview

Submitted

2023-02-06 10:12

Reported

2023-02-06 10:14

Platform

win7-20221111-en

Max time kernel

28s

Max time network

31s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\a05759a606f754ea7315225ccd542774734962fc343d43cc9607db110e7956ee.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\a05759a606f754ea7315225ccd542774734962fc343d43cc9607db110e7956ee.dll,#1

Network

N/A

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2023-02-06 10:12

Reported

2023-02-06 10:14

Platform

win10v2004-20220812-en

Max time kernel

64s

Max time network

140s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\a05759a606f754ea7315225ccd542774734962fc343d43cc9607db110e7956ee.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\a05759a606f754ea7315225ccd542774734962fc343d43cc9607db110e7956ee.dll,#1

Network

Country Destination Domain Proto
US 13.89.179.8:443 tcp

Files

N/A