Extracted

• • Target

    [NEW] Hogwarts Legacy by Empress.zip

  • Size

    33.3MB

  • MD5

    97063fcaee93d46a4d0feb60483fbc38

  • SHA1

    e12275f8f8f8050b22724c651e6ca9d1f7fc411c

  • SHA256

    92c2987eb7f67ab9085cd3675d5e7324d2e51d3d6a4f69d6c1cf9d6fe9c6f669

  • SHA512

    6ff3d4ff6ab3f2213ba6f962dbc1916bc100a9000336e24602026989fda96c7c472b2af8c33100f6c63b2433789d6b105e47595ce868f0a49ce8dc16006e1ca0

  • SSDEEP

    786432:JE8Cti21i5bvj510RE5Fu4syo3TF7dnNZ/0sjJMuMwa4liCbuXzhVgrD:JE8CtioovV10RErtPq7qs9DMX4l9buj0

  Score

  10^/10

  purecrypterdownloaderloaderpersistence

  • PureCrypter

    PureCrypter is a .NET malware loader first seen in early 2021.

    loaderdownloaderpurecrypter

  • Downloads MZ/PE file

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Adds Run key to start application

    persistence
  behavioral1