purecrypter | 78ee0644bbe5776bbf4474fa112e69da56a250d40357f7b09ddf09e0de117ea1 | Triage

Sharing

General

Target

78ee0644bbe5776bbf4474fa112e69da56a250d40357f7b09ddf09e0de117ea1
Size

110KB
Sample

230228-a5yw5age2y
MD5

0ede257a56a6b1fbd2b1405568b44015
SHA1

bffba8a4cc2ba225b51d1650c3db80198175f842
SHA256

78ee0644bbe5776bbf4474fa112e69da56a250d40357f7b09ddf09e0de117ea1
SHA512

ca727b6d5ce27efd72193c82b58f8fcae03463a5bcd71c94d02375a5127b69db904b83de8a6c5322ddbf8a40a2ad0719cd053152bff82ede9e4167f3b9285c7c
SSDEEP

384:49OYSG2piL6CM9QXr5bCbFxlYh6GmTx3qpWV4U6DPl3YlTloNlvcloNlvAlfYlNP:49OPe29QXr5qFx2YnJqy6CV

Score

10^/10

purecrypter downloader loader

Malware Config

Extracted

Family

purecrypter

C2

https://cents-ability.org/loader/uploads/withoutstartup_Wacutryp.jpg

Targets

- Target
  
  78ee0644bbe5776bbf4474fa112e69da56a250d40357f7b09ddf09e0de117ea1
- Size
  
  110KB
- MD5
  
  0ede257a56a6b1fbd2b1405568b44015
- SHA1
  
  bffba8a4cc2ba225b51d1650c3db80198175f842
- SHA256
  
  78ee0644bbe5776bbf4474fa112e69da56a250d40357f7b09ddf09e0de117ea1
- SHA512
  
  ca727b6d5ce27efd72193c82b58f8fcae03463a5bcd71c94d02375a5127b69db904b83de8a6c5322ddbf8a40a2ad0719cd053152bff82ede9e4167f3b9285c7c
- SSDEEP
  
  384:49OYSG2piL6CM9QXr5bCbFxlYh6GmTx3qpWV4U6DPl3YlTloNlvcloNlvAlfYlNP:49OPe29QXr5qFx2YnJqy6CV
Score

10^/10

purecrypter downloader loader
- PureCrypter
  PureCrypter is a .NET malware loader first seen in early 2021.
  loader downloader purecrypter
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

purecrypterdownloaderloader

behavioral2

purecrypterdownloaderloader