purecrypter | 36e84f76412889664edcaca6b4d01e3b6f7a23a63d7ab159089bbe3630e05120 | Triage

Submit
Reports

Overview

overview

Static

static

3

dridex

windows10-2004-x64

Sharing

General

Target

36e84f76412889664edcaca6b4d01e3b6f7a23a63d7ab159089bbe3630e05120
Size

6KB
Sample

230623-ssqdbsff43
MD5

4f0d3017e1d6e4c39f83a3e550e26c11
SHA1

6f6c966cf3465b48f86ce3b9befb47a209dbd1dd
SHA256

36e84f76412889664edcaca6b4d01e3b6f7a23a63d7ab159089bbe3630e05120
SHA512

2a1fb15339f192d05b958daa36da0e2f20aefeb396148a98696b8c2d4c15ed6d036b304f1fb4078fe12a257b774b8fc74131c3ac420d548f29ec5582076943fa
SSDEEP

96:eFU+v1uy+5tHd/xR5JNtG1KKqYDal+5zNt:G7653/xfhHRgE+7

Score

10^/10

purecrypter collection downloader loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

36e84f76412889664edcaca6b4d01e3b6f7a23a63d7ab159089bbe3630e05120.exe

Resource

win10v2004-20230621-en

purecrypter collection downloader loader

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

purecrypter

C2

http://cleaning.homesecuritypc.com/packages/Ikucx.dat

Targets

- Target
  
  36e84f76412889664edcaca6b4d01e3b6f7a23a63d7ab159089bbe3630e05120
- Size
  
  6KB
- MD5
  
  4f0d3017e1d6e4c39f83a3e550e26c11
- SHA1
  
  6f6c966cf3465b48f86ce3b9befb47a209dbd1dd
- SHA256
  
  36e84f76412889664edcaca6b4d01e3b6f7a23a63d7ab159089bbe3630e05120
- SHA512
  
  2a1fb15339f192d05b958daa36da0e2f20aefeb396148a98696b8c2d4c15ed6d036b304f1fb4078fe12a257b774b8fc74131c3ac420d548f29ec5582076943fa
- SSDEEP
  
  96:eFU+v1uy+5tHd/xR5JNtG1KKqYDal+5zNt:G7653/xfhHRgE+7
Score

10^/10

purecrypter collection downloader loader
- PureCrypter
  PureCrypter is a .NET malware loader first seen in early 2021.
  loader downloader purecrypter
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

purecryptercollectiondownloaderloader

© 2018-2025

Terms | Privacy