purecrypter | 36e84f76412889664edcaca6b4d01e3b6f7a23a63d7ab159089bbe3630e05120 | Triage

Submit
Reports

Overview

overview

Static

static

3

dridex

windows10-2004-x64

Sharing

General

Target

36e84f76412889664edcaca6b4d01e3b6f7a23a63d7ab159089bbe3630e05120
Size

6KB
Sample

230623-ssqdbsff43
MD5

4f0d3017e1d6e4c39f83a3e550e26c11
SHA1

6f6c966cf3465b48f86ce3b9befb47a209dbd1dd
SHA256

36e84f76412889664edcaca6b4d01e3b6f7a23a63d7ab159089bbe3630e05120
SHA512

2a1fb15339f192d05b958daa36da0e2f20aefeb396148a98696b8c2d4c15ed6d036b304f1fb4078fe12a257b774b8fc74131c3ac420d548f29ec5582076943fa
SSDEEP

96:eFU+v1uy+5tHd/xR5JNtG1KKqYDal+5zNt:G7653/xfhHRgE+7

Score

10^/10

purecrypter collection downloader loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

36e84f76412889664edcaca6b4d01e3b6f7a23a63d7ab159089bbe3630e05120.exe

Resource

win10v2004-20230621-en

purecrypter collection downloader loader

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

purecrypter

C2

http://cleaning.homesecuritypc.com/packages/Ikucx.dat

Targets

- Target
  
  36e84f76412889664edcaca6b4d01e3b6f7a23a63d7ab159089bbe3630e05120
- Size
  
  6KB
- MD5
  
  4f0d3017e1d6e4c39f83a3e550e26c11
- SHA1
  
  6f6c966cf3465b48f86ce3b9befb47a209dbd1dd
- SHA256
  
  36e84f76412889664edcaca6b4d01e3b6f7a23a63d7ab159089bbe3630e05120
- SHA512
  
  2a1fb15339f192d05b958daa36da0e2f20aefeb396148a98696b8c2d4c15ed6d036b304f1fb4078fe12a257b774b8fc74131c3ac420d548f29ec5582076943fa
- SSDEEP
  
  96:eFU+v1uy+5tHd/xR5JNtG1KKqYDal+5zNt:G7653/xfhHRgE+7
Score

10^/10

purecrypter collection downloader loader
- PureCrypter
  PureCrypter is a .NET malware loader first seen in early 2021.
  loader downloader purecrypter
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

purecryptercollectiondownloaderloader

© 2018-2024

Terms | Privacy