General
-
Target
LSCHaX for 1.67 [External] (Password=123).rar
-
Size
6KB
-
Sample
230625-wjkchaec79
-
MD5
7d6a1d8aa78308651c8e2e2b2e3f8491
-
SHA1
faebf6665f66147108d264c7b4be034b1932af08
-
SHA256
458ef97a8cd1bcbc17760bed44765b5f8bddcce614725ae4e3eb3e194db72a18
-
SHA512
1c22b79f3492983c52d765e4624cfdbf12dabd66659318cde2b0e6214125022030010d0747eeb992a6304dc7c297bb29893282091ae5e85f1566fff92ad01ff0
-
SSDEEP
192:LN/Q7j0WlAoCdeD4BVOizn56WO/1rxrUptWmi:LN1zUD4j1znyrqtWmi
Behavioral task
behavioral1
Sample
LSCHaX for 1.67 [External].exe
Resource
win10v2004-20230621-en
Malware Config
Extracted
purecrypter
http://botnetlogs.com/PureCrypter/panel/uploads/Ppnqsohgemm.mp3
Targets
-
-
Target
LSCHaX for 1.67 [External].exe
-
Size
12KB
-
MD5
507fd3ff2f6e179dd26943c3b1015101
-
SHA1
3220b92de9b791ba7c577986ca955832bdd91e0c
-
SHA256
44403644c2944552b6d518ac015fc2097ac1bcced378e63e844309c78c8c590e
-
SHA512
84cd66d8705715b1b6b3caba9b26b01ce1fc9fee632a234c3ecb69eb35b7879ba39f73c05816c48aaa14563dbee19145fe3bf1733d81ca82c8d755bee8018a70
-
SSDEEP
192:CvjN676gtvCHxaNT/ALcGQ1hp3xR9F90mBRCXmod4BM4YQY:UxaNT/ALcDhxRb95CXmc4YQ
Score
10/10
-
PureCrypter
PureCrypter is a .NET malware loader first seen in early 2021.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-