Overview

overview

10

Static

static

3

Minecraft ...ky.exe

windows7-x64

7

Minecraft ...ky.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Minecraft Checker by xRisky.exe

  • Size

    5.6MB

  • Sample

    230627-tllx1aff6s

  • MD5

    682fcac2b949bc9fcb3b039b2ddb5ff2

  • SHA1

    94eb1e61b975c65f95c5519d0bfb128906c3dcbb

  • SHA256

    029efceb46ffeaefe413209d52c458e22d444c6a67514ac6b0f015caa6e27c9e

  • SHA512

    c2ebcff22f15873cf2f119e025eeeb081210ea07de4271758676490f1eb1dde82afd5750a800a8dbbde408ac7a6dc8f54e448fb4180bc4205ab67dc6ba1abd28

  • SSDEEP

    98304:MQsAE8NRnJFKRhwnA8K8s0n2uiR3dN1mnRsMEZQ8kSZvIgi+1RWQ:zNVJFKP98K8sVR37knuWSpli+y

Score
10/10
purecrypterdownloaderloader

Malware Config

Extracted

Family

purecrypter

C2

http://botnetlogs.com/PureCrypter/panel/uploads/Gxjkiikrv.pdf

Targets

    • Target

      Minecraft Checker by xRisky.exe

    • Size

      5.6MB

    • MD5

      682fcac2b949bc9fcb3b039b2ddb5ff2

    • SHA1

      94eb1e61b975c65f95c5519d0bfb128906c3dcbb

    • SHA256

      029efceb46ffeaefe413209d52c458e22d444c6a67514ac6b0f015caa6e27c9e

    • SHA512

      c2ebcff22f15873cf2f119e025eeeb081210ea07de4271758676490f1eb1dde82afd5750a800a8dbbde408ac7a6dc8f54e448fb4180bc4205ab67dc6ba1abd28

    • SSDEEP

      98304:MQsAE8NRnJFKRhwnA8K8s0n2uiR3dN1mnRsMEZQ8kSZvIgi+1RWQ:zNVJFKP98K8sVR37knuWSpli+y

    Score
    10/10
    purecrypterdownloaderloader

    • PureCrypter

      PureCrypter is a .NET malware loader first seen in early 2021.

      loaderdownloaderpurecrypter

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks