purecrypter | a19d26160936d45993c7f51ba45422efadefe03ff3819e28ff52482334fa65c3 | Triage

Submit
Reports

Overview

overview

Static

static

3

dridex

windows10-2004-x64

Sharing

General

Target

a19d26160936d45993c7f51ba45422efadefe03ff3819e28ff52482334fa65c3
Size

916KB
Sample

231203-v5wf8adh38
MD5

b2e2f7e938326213778c21bac8a07b0c
SHA1

0e2e02c20665b2b7a0f700b31a9f8c80e736f3f4
SHA256

a19d26160936d45993c7f51ba45422efadefe03ff3819e28ff52482334fa65c3
SHA512

0f50989152c77eff1dc80e63d3e83a8818db1b0d67653a102be631c32edc4c2799c7656040761a18210a1353ce436ca852a7ff629f4a0920b5603a77a866f906
SSDEEP

24576:5Ru+5TGtOR/f/MtTU7Qv2Q1QRTT3GQqReCxY/Bc:57TG4/H6OQ1g3GQvw

Score

10^/10

purecrypter zgrat downloader loader rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a19d26160936d45993c7f51ba45422efadefe03ff3819e28ff52482334fa65c3.exe

Resource

win10v2004-20231127-en

purecrypter zgrat downloader loader rat

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

purecrypter

C2

http://verifycleansecurity.com/seven/Jmdhajdggaf.vdf

Targets

- Target
  
  a19d26160936d45993c7f51ba45422efadefe03ff3819e28ff52482334fa65c3
- Size
  
  916KB
- MD5
  
  b2e2f7e938326213778c21bac8a07b0c
- SHA1
  
  0e2e02c20665b2b7a0f700b31a9f8c80e736f3f4
- SHA256
  
  a19d26160936d45993c7f51ba45422efadefe03ff3819e28ff52482334fa65c3
- SHA512
  
  0f50989152c77eff1dc80e63d3e83a8818db1b0d67653a102be631c32edc4c2799c7656040761a18210a1353ce436ca852a7ff629f4a0920b5603a77a866f906
- SSDEEP
  
  24576:5Ru+5TGtOR/f/MtTU7Qv2Q1QRTT3GQqReCxY/Bc:57TG4/H6OQ1g3GQvw
Score

10^/10

purecrypter zgrat downloader loader rat
- Detect ZGRat V1
- PureCrypter
  PureCrypter is a .NET malware loader first seen in early 2021.
  loader downloader purecrypter
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

purecrypterzgratdownloaderloaderrat

© 2018-2025

Terms | Privacy