purecrypter | 4b3369d4573807efe4bf8f571472ee2093e0b28c17eef94d73ba1ed63cf959aa | Triage

Submit
Reports

Overview

overview

Static

static

3

TORRENTOLD-1.exe

windows7-x64

TORRENTOLD-1.exe

windows10-2004-x64

Sharing

General

Target

TORRENTOLD-1.exe
Size

1.3MB
Sample

231108-2qqqraeb7w
MD5

984f8dd35c2ae61a310992832df6cedf
SHA1

2262fb9d4244a33d359140fdfd6d89779a887b41
SHA256

4b3369d4573807efe4bf8f571472ee2093e0b28c17eef94d73ba1ed63cf959aa
SHA512

509b94ffaee394f1c2d7e79a21cb966068a42cc5a774c765a2bd86b1f55982810840e61262581cbed879e8ec85f39fee7823467d1d81ee6a07599e709c5d6792
SSDEEP

24576:b2LBa1xIo0t29o0wu7osrgS4UTOHwnsXIScCfhJfmHCSjg:bk+xb049odAFksTLnsXz7mHj

Score

10^/10

purecrypter redline zgrat torrentold downloader infostealer loader rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

TORRENTOLD-1.exe

Resource

win7-20231020-en

purecrypter redline zgrat torrentold downloader infostealer loader rat

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

TORRENTOLD-1.exe

Resource

win10v2004-20231025-en

purecrypter redline zgrat torrentold downloader infostealer loader rat

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

TORRENTOLD

C2

amrican-sport-live-stream.cc:4581

Attributes

auth_value
74e1b58bf920611f04c0e3919954fe05

Targets

- Target
  
  TORRENTOLD-1.exe
- Size
  
  1.3MB
- MD5
  
  984f8dd35c2ae61a310992832df6cedf
- SHA1
  
  2262fb9d4244a33d359140fdfd6d89779a887b41
- SHA256
  
  4b3369d4573807efe4bf8f571472ee2093e0b28c17eef94d73ba1ed63cf959aa
- SHA512
  
  509b94ffaee394f1c2d7e79a21cb966068a42cc5a774c765a2bd86b1f55982810840e61262581cbed879e8ec85f39fee7823467d1d81ee6a07599e709c5d6792
- SSDEEP
  
  24576:b2LBa1xIo0t29o0wu7osrgS4UTOHwnsXIScCfhJfmHCSjg:bk+xb049odAFksTLnsXz7mHj
Score

10^/10

purecrypter redline zgrat torrentold downloader infostealer loader rat
- Detect PureCrypter injector
  loader
- Detect ZGRat V1
- PureCrypter
  PureCrypter is a .NET malware loader first seen in early 2021.
  loader downloader purecrypter
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

purecrypterredlinezgrattorrentolddownloaderinfostealerloaderrat

behavioral2

purecrypterredlinezgrattorrentolddownloaderinfostealerloaderrat

© 2018-2024

Terms | Privacy