General

  • Target

    Magnet Product List Drawing DESIGN.xls

  • Size

    627KB

  • Sample

    240611-xe7gxaxcje

  • MD5

    40c80e5b61e3f50321933f795b672f61

  • SHA1

    7bea369528e82bac7198de4d2f78fa0fc824cbc5

  • SHA256

    524784571b2403c96f0d80401d75a69ef4ce4d6f263966100a4b604b069cab26

  • SHA512

    7bee2b3acbc25c23a2c4cff02e18203d03c06d75bb29b6120771aa599dfc16c6bbe20a209e4e266be3dd04dbbdbf0480e6181f8cb3683b25b3034e6734705a1e

  • SSDEEP

    12288:JqFzu4L62Ndp4EaPmz1Iyqko/lvBtfRqLBwzirb60RzkE7V7F:Ozu4L62NdSBmzcndfRqqiJzLJ

Malware Config

Extracted

Family

purecrypter

C2

https://www1.militarydefensenow.com/Bavguvo.dat

Targets

    • Target

      Magnet Product List Drawing DESIGN.xls

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • PureCrypter

      PureCrypter is a .NET malware loader first seen in early 2021.

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
