Overview

overview

10

Static

static

1

2d046356ad...fa.exe

windows7-x64

10

2d046356ad...fa.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    26-02-2023 06:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2d046356adc419adef4049f5ec0529fa.exe

  • Size

    1.3MB

  • MD5

    2d046356adc419adef4049f5ec0529fa

  • SHA1

    59b79b81155927260c7e5c73c1505b7ff820fcd7

  • SHA256

    31e477a3732cf4d377bbb89c5a5a3763dadd3581ce07534bb4fc54efb951823b

  • SHA512

    118b6af39c3107785695e61b050a2d767a86f6efe42c7c2afec0f49b651ba318d7a8d783aa7c12936d2aa5a93e4d34e39944e3587dd90dbe36a719ac18e36297

  • SSDEEP

    24576:FfEZRk+1BmMN+wkQZVhtMOb7UlyPeNks08yfcadLetM7ckAx:Ff3IcMNHRLF4yP8k+y5UYnc

Score
10/10
purecrypterdownloaderloader

Malware Config

Signatures

  • Detect PureCrypter injector 34 IoCs
    loader
  • PureCrypter

    PureCrypter is a .NET malware loader first seen in early 2021.

    loaderdownloaderpurecrypter
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2d046356adc419adef4049f5ec0529fa.exe
    "C:\Users\Admin\AppData\Local\Temp\2d046356adc419adef4049f5ec0529fa.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1268

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1268-54-0x0000000000350000-0x000000000049C000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/1268-55-0x0000000004C70000-0x0000000004EF4000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-56-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-57-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-59-0x00000000047A0000-0x00000000047E0000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1268-62-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-60-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-64-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-68-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-66-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-70-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-72-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-74-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-76-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-80-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-78-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-84-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-82-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-86-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-88-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-94-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-92-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-90-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-96-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-98-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-100-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-104-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-102-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-106-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-108-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-110-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-114-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-112-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-120-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-118-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-116-0x0000000004C70000-0x0000000004EEF000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1268-747-0x00000000047A0000-0x00000000047E0000-memory.dmp

    Filesize

    256KB

    Download