Extracted

• • Target

    202311218800-INV62009HX66549.scr

  • Size

    14KB

  • MD5

    19395fea893e3dcea476504227d56be6

  • SHA1

    f86b35526cd61c8aab3911b11ca692225e341906

  • SHA256

    3fcb840d5e65fc86ed5637bdcbab0ecde764d360ebe18a5e5d6795811dc1c622

  • SHA512

    567acf5e2be2482d923142c3bd574f79475abdcfd9f63768bfe5632fe43b9ebfde3b7865c2d1971eb922686deeac4322d1c627329c96621b0c3b31940586d724

  • SSDEEP

    192:Uebp41yqqdcA32GG0s4LqVrTC+xV/knQi1oo79ED607RQ:UeboyqCZ2GGOLqVTfknQyMR

  Score

  10^/10

  purecrypterdownloaderloadercollectionpersistencespywarestealer

  • PureCrypter

    PureCrypter is a .NET malware loader first seen in early 2021.

    loaderdownloaderpurecrypter

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2