General

  • Target

    Ödeme 31722.exe

  • Size

    19KB

  • Sample

    230822-jpac9sag77

  • MD5

    63d5a76a6fa8e241653df907c8f048e7

  • SHA1

    19d3f1f51eede4e7c9bedd6e3efbdeb39a2c0f55

  • SHA256

    8cc440eff0de4c70b4427d2d0332dd8ccbadb36ead79bd1db5bc67b665bd3fe2

  • SHA512

    a9863593ea942ca5cf257f00bb359e6e00245851ab38a6d8fdd818bf5c8a4760bf6dc6561cab3bfed93774fb5e9b4a183ab051526aaa8c83238d83f80175e6f2

  • SSDEEP

    384:3TXhfwbvS+GPBXaJNM4smfzxmi/f4Fo1Y7rDfA:3dwYP4NMK3aU

Malware Config

Extracted

Family

purecrypter

C2

https://onedrive.live.com/download?resid=969678C66048EAA5%21285&authkey=!AC3E8HxO1kVosi0

Targets

    • Target

      Ödeme 31722.exe

    • PureCrypter

      PureCrypter is a .NET malware loader first seen in early 2021.

    • Drops startup file

    • Suspicious use of SetThreadContext
