Extracted

• • Target

    8601b9efdac4733e888cc949f337cfbba4140a6a441aaefe2ab391b4d637dfbc.exe

  • Size

    1.3MB

  • MD5

    b4138222931b8458a109d11cd2194ce8

  • SHA1

    3b78247eea213f18d0fa745860b3099238b31fe9

  • SHA256

    8601b9efdac4733e888cc949f337cfbba4140a6a441aaefe2ab391b4d637dfbc

  • SHA512

    8b7f99577a57e42fd9e302ed979a940fc6e64bdc6457866702af44272223c439e5128461120c68b88eed8d6d5257b7e29eb4625a62d9680cd2cf29feff3392bb

  • SSDEEP

    24576:dpxRSasbbtRTnQ5sUm0n0m4DH5fS9Mr9CKkMcvBJsJYs45Z3S8IVej:dpfSamk5sUm0nXsCMkDBU16Z3w

  Score

  10^/10

  purecrypterredlinehwid-spooferdownloaderinfostealerloaderspyware

  • Detect PureCrypter injector

    loader

  • PureCrypter

    PureCrypter is a .NET malware loader first seen in early 2021.

    loaderdownloaderpurecrypter

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2