General

  • Target

    Downloadly.zip

  • Size

    15.4MB

  • Sample

    231209-h745xsggh2

  • MD5

    fa4f62062e0cec23b5c1d8fe67f4be2f

  • SHA1

    0735531f6e37a9807a1951d0d03b066b3949484b

  • SHA256

    a88edca3b030046fe82e7add6da06311229c5c4f9396c30c04ab3f0b433eac6e

  • SHA512

    0ffd333dc84ab8e4905fb76b3be69c7b9edba7f4eb72cc10efc82f6ae62d06c36227f4e8ada4f896e359e5ffc664d08caf76e15a40bd17e9384e73842e845995

  • SSDEEP

    393216:QyBO+LImOeHM0i9PZBc1fQWR0+cEUpvsuCos/yoD7j/kg/2bK:Tg+LImOSdaZO1fZu+crpEQs/yoDv/kef

Malware Config

Targets

    • Detect PureLogs payload

    • PureLogs

      PureLogs is an infostealer written in C#.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks