General

  • Target

    Qhxujqkxtf.exe

  • Size

    6KB

  • Sample

    230317-p5r6xagc55

  • MD5

    4fc2df99dcdbf2886d139b0f4dfad85c

  • SHA1

    5c02c737e12540a6b5c56615b9b972ee171d2aa1

  • SHA256

    c7cbb1b4915f9cbce71dbe9df6027e73166fef1fce95976685640845e5f79685

  • SHA512

    ae83119c6d47b6f6f06ab372cb584d88f01560c9847451faf00b61aa93373f492613b36dee83ae51ed2268ac9b553f70ec46522583d9636a91114f760abe14e5

  • SSDEEP

    96:DgdesBVLuiDTgIlNtuL/A3/I63yPRZjXMRWV6xjtLEk9sl8jzNt:EYsd/jtuLIg6YT4Rd5t9y8l

Malware Config

Extracted

Family

purecrypter

C2

https://wemodd.co/Anrwqjqr.dll

Targets

    • Target

      Qhxujqkxtf.exe

    • PureCrypter

      PureCrypter is a .NET malware loader first seen in early 2021.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2
