purecrypter | 8601b9efdac4733e888cc949f337cfbba4140a6a441aaefe2ab391b4d637dfbc | Triage

Submit
Reports

Overview

overview

Static

static

3

tmp.exe

windows7-x64

tmp.exe

windows10-2004-x64

Sharing

General

Target

tmp
Size

1.3MB
Sample

230525-sg4rksbe2x
MD5

b4138222931b8458a109d11cd2194ce8
SHA1

3b78247eea213f18d0fa745860b3099238b31fe9
SHA256

8601b9efdac4733e888cc949f337cfbba4140a6a441aaefe2ab391b4d637dfbc
SHA512

8b7f99577a57e42fd9e302ed979a940fc6e64bdc6457866702af44272223c439e5128461120c68b88eed8d6d5257b7e29eb4625a62d9680cd2cf29feff3392bb
SSDEEP

24576:dpxRSasbbtRTnQ5sUm0n0m4DH5fS9Mr9CKkMcvBJsJYs45Z3S8IVej:dpfSamk5sUm0nXsCMkDBU16Z3w

Score

10^/10

purecrypter redline hwid-spoofer downloader infostealer loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

tmp.exe

Resource

win7-20230220-en

purecrypter redline hwid-spoofer downloader infostealer loader

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

tmp.exe

Resource

win10v2004-20230220-en

purecrypter downloader loader

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

HWID-SPOOFER

C2

amrican-sport-live-stream.cc:4581

Attributes

auth_value
82cc1998a304a60caeeadbaf5bb109cb

Targets

- Target
  
  tmp
- Size
  
  1.3MB
- MD5
  
  b4138222931b8458a109d11cd2194ce8
- SHA1
  
  3b78247eea213f18d0fa745860b3099238b31fe9
- SHA256
  
  8601b9efdac4733e888cc949f337cfbba4140a6a441aaefe2ab391b4d637dfbc
- SHA512
  
  8b7f99577a57e42fd9e302ed979a940fc6e64bdc6457866702af44272223c439e5128461120c68b88eed8d6d5257b7e29eb4625a62d9680cd2cf29feff3392bb
- SSDEEP
  
  24576:dpxRSasbbtRTnQ5sUm0n0m4DH5fS9Mr9CKkMcvBJsJYs45Z3S8IVej:dpfSamk5sUm0nXsCMkDBU16Z3w
Score

10^/10

purecrypter redline hwid-spoofer downloader infostealer loader
- Detect PureCrypter injector
  loader
- PureCrypter
  PureCrypter is a .NET malware loader first seen in early 2021.
  loader downloader purecrypter
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

purecrypterredlinehwid-spooferdownloaderinfostealerloader

behavioral2

purecrypterdownloaderloader

© 2018-2024

Terms | Privacy