purecrypter | 9fbd44c68c8181d842e2553efc72b2f56324d638f56e2581b2db2ce53421d70f | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-2004-x64

Sharing

General

Target

9fbd44c68c8181d842e2553efc72b2f56324d638f56e2581b2db2ce53421d70f
Size

1.5MB
Sample

230216-jd5d9sgb7z
MD5

b67649a9a69b4891e75746f8ed5ffbec
SHA1

4d59dcf71f149fbd482e045bd58742d8589b7d4b
SHA256

9fbd44c68c8181d842e2553efc72b2f56324d638f56e2581b2db2ce53421d70f
SHA512

6edfb13376787e5a2f6fcfc5126421c60080c2504b48cad2b37cde73e441a66462220b6e2ca56e1223c864df0c2011c6244e5139b70744141fc6b59a60771e70
SSDEEP

24576:DP/kDXWkQpq97UrOPdDOBeWICivr9kDXWkQpq97UrOPdDOBeWICivp:DUm5pYI6PdDAeTvr2m5pYI6PdDAeTvp

Score

10^/10

purecrypter downloader loader

Static task

static1

Behavioral task

behavioral1

Sample

9fbd44c68c8181d842e2553efc72b2f56324d638f56e2581b2db2ce53421d70f.exe

Resource

win10v2004-20221111-en

purecrypter downloader loader

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

purecrypter

C2

http://rssh.li/panel/uploads/Vvfilmvppec.dat

Targets

- Target
  
  9fbd44c68c8181d842e2553efc72b2f56324d638f56e2581b2db2ce53421d70f
- Size
  
  1.5MB
- MD5
  
  b67649a9a69b4891e75746f8ed5ffbec
- SHA1
  
  4d59dcf71f149fbd482e045bd58742d8589b7d4b
- SHA256
  
  9fbd44c68c8181d842e2553efc72b2f56324d638f56e2581b2db2ce53421d70f
- SHA512
  
  6edfb13376787e5a2f6fcfc5126421c60080c2504b48cad2b37cde73e441a66462220b6e2ca56e1223c864df0c2011c6244e5139b70744141fc6b59a60771e70
- SSDEEP
  
  24576:DP/kDXWkQpq97UrOPdDOBeWICivr9kDXWkQpq97UrOPdDOBeWICivp:DUm5pYI6PdDAeTvr2m5pYI6PdDAeTvp
Score

10^/10

purecrypter downloader loader
- PureCrypter
  PureCrypter is a .NET malware loader first seen in early 2021.
  loader downloader purecrypter
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

purecrypterdownloaderloader

© 2018-2025

Terms | Privacy