purelogs | 7cd96775dc5d850fc768c2b335ae697dd637e54edf3670692681ff2d6df281aa | Triage

Sharing

General

Target

7cd96775dc5d850fc768c2b335ae697dd637e54edf3670692681ff2d6df281aa
Size

11.2MB
Sample

231201-em43mseg76
MD5

bed85854f8be4b200248f54da9dd8f91
SHA1

be8f6416d15b07d863f601fc4fcf159fc65a366e
SHA256

7cd96775dc5d850fc768c2b335ae697dd637e54edf3670692681ff2d6df281aa
SHA512

2eccfa5fa9d1aceab03007983ab9fda0cb5bc984f70a1238f5569a9cb1d3427504f24025a9b7a16143974c7e000bc120b85337824932aa72b3a856f6f7197aa5
SSDEEP

196608:GeBkQ6T535kgz/Uka0ZHrHUoMiZgzIxFipHbstTFuRHzlm7RIIen4t3ESHU2Htr8:Xa/h5kk/GMrHUYZg0xKsAHzlmt1e4t2n

Score

10^/10

purelogs stealer

Malware Config

Targets

- Target
  
  7cd96775dc5d850fc768c2b335ae697dd637e54edf3670692681ff2d6df281aa
- Size
  
  11.2MB
- MD5
  
  bed85854f8be4b200248f54da9dd8f91
- SHA1
  
  be8f6416d15b07d863f601fc4fcf159fc65a366e
- SHA256
  
  7cd96775dc5d850fc768c2b335ae697dd637e54edf3670692681ff2d6df281aa
- SHA512
  
  2eccfa5fa9d1aceab03007983ab9fda0cb5bc984f70a1238f5569a9cb1d3427504f24025a9b7a16143974c7e000bc120b85337824932aa72b3a856f6f7197aa5
- SSDEEP
  
  196608:GeBkQ6T535kgz/Uka0ZHrHUoMiZgzIxFipHbstTFuRHzlm7RIIen4t3ESHU2Htr8:Xa/h5kk/GMrHUYZg0xKsAHzlmt1e4t2n
Score

10^/10

purelogs stealer
- Detect PureLogs payload
- PureLogs
  PureLogs is an infostealer written in C#.
  stealer purelogs
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

purelogsstealer

behavioral2

purelogsstealer