purecrypter | 4856c8ad4a79b338bd8960a49a33de4a399567828e010b73b08a089048c19873 | Triage

Submit
Reports

Overview

overview

Static

static

1

3944a1d4b4...b4.exe

windows7-x64

3944a1d4b4...b4.exe

windows10-2004-x64

Sharing

General

Target

8f04f8e4f87a7e19053f745b6fbcb795.bin
Size

1.6MB
Sample

230313-m48fdsca91
MD5

ca703f18dce7d81710ca1b2b144aae0f
SHA1

9a7b3a2bab5eb6eb8dbb477d60c0e57231895d77
SHA256

4856c8ad4a79b338bd8960a49a33de4a399567828e010b73b08a089048c19873
SHA512

f3419c656f910e39755a0366a27bd66629552ea96856625d3bb9a5e769e152550e91bb480cc0992a0d1e2973d3dd89b6d88711e0c2cb235b38eb5af3589887d7
SSDEEP

49152:2JLAoRRlgDRJoxMqI7kLAC0pzugMxPyRmc8:2+oRngDR4MV7kMC0bMxqAj

Score

10^/10

purecrypter redline red1 downloader infostealer loader

Static task

static1

Behavioral task

behavioral1

Sample

3944a1d4b4fdf0b1a5aecaa579a3c9acac4536544b440acc8362d456f46d3cb4.exe

Resource

win7-20230220-en

purecrypter redline red1 downloader infostealer loader

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

3944a1d4b4fdf0b1a5aecaa579a3c9acac4536544b440acc8362d456f46d3cb4.exe

Resource

win10v2004-20230220-en

purecrypter downloader loader

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

red1

C2

34.141.168.40:80

34.125.68.133:80

Attributes

auth_value
70f607e482f39051bebe438c28d43e46

Targets

- Target
  
  3944a1d4b4fdf0b1a5aecaa579a3c9acac4536544b440acc8362d456f46d3cb4.bin
- Size
  
  2.4MB
- MD5
  
  8f04f8e4f87a7e19053f745b6fbcb795
- SHA1
  
  5207f1704c26b19ab175882ab03a13aa42f88f48
- SHA256
  
  3944a1d4b4fdf0b1a5aecaa579a3c9acac4536544b440acc8362d456f46d3cb4
- SHA512
  
  89d372996ecf01293d69267b4c151e59a4dca3968c9f28d5795d620a45232b2ccd3aa29aa87eb540c44d06541d90dbfd5c020c77a0d850e5a4f0eee063a9fe5a
- SSDEEP
  
  49152:Lp7dJRVGJ0vXg055FGLXBFC/tU6aqws96MayXjq7262LMJfS4h1Y:Lp7dJR0+vXg055FSXBFC1gq9kM3zm0MG
Score

10^/10

purecrypter redline red1 downloader infostealer loader
- Detect PureCrypter injector
  loader
- PureCrypter
  PureCrypter is a .NET malware loader first seen in early 2021.
  loader downloader purecrypter
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

purecrypterredlinered1downloaderinfostealerloader

behavioral2

purecrypterdownloaderloader

© 2018-2025

Terms | Privacy