Extracted

• • Target

    [NEW] Hogwarts Legacy by Empress.rar

  • Size

    29.7MB

  • MD5

    cfd8232e140eab8777b8f991ae366340

  • SHA1

    32d5220d626962ca2c9c7990ac0799307883e169

  • SHA256

    f9cedf4358e6229bcc82dad28fd7fe3893f69ac237a30cc343d7aff182bfd025

  • SHA512

    c5fe83ea69eed717dbeb7e234f39e42b18f5ce77e6725aee1740dcc92c1d6460f5209f2511c8ce9d9faff66dff25370427a73bb5e0c7624c45929dba1d3c3d63

  • SSDEEP

    786432:wt2vfABLUXxAAP+wKYFAb314QQ4VUqTjCG0HaGkgOLBazdA:wGdxYJ32QQ4VleG3gOYz2

  Score

  10^/10

  purecrypterdownloaderloaderpersistence

  • PureCrypter

    PureCrypter is a .NET malware loader first seen in early 2021.

    loaderdownloaderpurecrypter

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Adds Run key to start application

    persistence
  behavioral1behavioral2