Overview

overview

10

Static

static

10

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cac0b5218693311e4bd40e0dfa76a0f080876640a4c992324c6926d70f228db2

  • Size

    6.3MB

  • Sample

    240729-gdfpsszbng

  • MD5

    7dd3e725b4b0e2322fa6a087dfbb5a60

  • SHA1

    8694f846dcb951fdb2e629a9024255dcf9c34d5f

  • SHA256

    cac0b5218693311e4bd40e0dfa76a0f080876640a4c992324c6926d70f228db2

  • SHA512

    b47169fc4e69799e551369d4bb5af40815050928d3ff40722c9df984f0fbd23b4a9488af42c8aa53673d32cebbef88a0a453d8b9eba301765c4ce5e15b5deb53

  • SSDEEP

    196608:TeKXMpvO+EYWSo9YYv7h1Bf54Gv1IbR3gQ1z:TeIMpvLEDzTd54f/1z

Score
10/10
purelogstealerdiscoverypersistencestealer

Malware Config

Targets

    • Target

      cac0b5218693311e4bd40e0dfa76a0f080876640a4c992324c6926d70f228db2

    • Size

      6.3MB

    • MD5

      7dd3e725b4b0e2322fa6a087dfbb5a60

    • SHA1

      8694f846dcb951fdb2e629a9024255dcf9c34d5f

    • SHA256

      cac0b5218693311e4bd40e0dfa76a0f080876640a4c992324c6926d70f228db2

    • SHA512

      b47169fc4e69799e551369d4bb5af40815050928d3ff40722c9df984f0fbd23b4a9488af42c8aa53673d32cebbef88a0a453d8b9eba301765c4ce5e15b5deb53

    • SSDEEP

      196608:TeKXMpvO+EYWSo9YYv7h1Bf54Gv1IbR3gQ1z:TeIMpvLEDzTd54f/1z

    Score
    10/10
    purelogstealerdiscoverypersistencestealer

    • PureLog Stealer

      PureLog Stealer is an infostealer written in C#.

      stealerpurelogstealer

    • PureLog Stealer payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks