purelogstealer | e572751b2793c544ab7f6742a53e5779b35689e61edd8b2434fbcc30e2d65d51 | Triage

Resubmissions

23-08-2024 15:04

240823-sfqtbstdnr 6

23-08-2024 12:46

240823-pz1absxcjr 10

23-08-2024 12:35

240823-psg56stfqf 6

Sharing

General

Target

ORFEO _20246307407492 - URGENTE requiere POR SEGUNDA VEZ Respuesta al oficio No.111 RD Rad. 2013-656.eml
Size

15KB
Sample

240823-pz1absxcjr
MD5

b2e25716e5e73243001ddba02b023077
SHA1

d8ebde9deb98895999d08a482f100da3b18e9c0c
SHA256

e572751b2793c544ab7f6742a53e5779b35689e61edd8b2434fbcc30e2d65d51
SHA512

6415678e4fef5ceb29e159560b80c81926e5f509a378660f01ed2fe0eebda0bd8fc89ae60e6e99c9ba4dda89b7a4eee16304d25e832ad0bb686cfd4dbb0f1821
SSDEEP

192:aUdKM3CU9jeGADEAVKRzRqIQNAyRXS5wUGTw2usvGXwYSJ2hFj3k9OZ3XT9BQXKd:FKM3CUVeGAbVKRzRyAci5wUCu40zfd

Score

10^/10

purelogstealer discovery stealer

Malware Config

Targets

- Target
  
  ORFEO _20246307407492 - URGENTE requiere POR SEGUNDA VEZ Respuesta al oficio No.111 RD Rad. 2013-656.eml
- Size
  
  15KB
- MD5
  
  b2e25716e5e73243001ddba02b023077
- SHA1
  
  d8ebde9deb98895999d08a482f100da3b18e9c0c
- SHA256
  
  e572751b2793c544ab7f6742a53e5779b35689e61edd8b2434fbcc30e2d65d51
- SHA512
  
  6415678e4fef5ceb29e159560b80c81926e5f509a378660f01ed2fe0eebda0bd8fc89ae60e6e99c9ba4dda89b7a4eee16304d25e832ad0bb686cfd4dbb0f1821
- SSDEEP
  
  192:aUdKM3CU9jeGADEAVKRzRqIQNAyRXS5wUGTw2usvGXwYSJ2hFj3k9OZ3XT9BQXKd:FKM3CUVeGAbVKRzRyAci5wUCu40zfd
Score

10^/10

purelogstealer discovery stealer
- PureLog Stealer
  PureLog Stealer is an infostealer written in C#.
  stealer purelogstealer
- PureLog Stealer payload
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  email-html-2.txt
- Size
  
  10KB
- MD5
  
  7183ae1a2edc11e5dc3de23887add2cc
- SHA1
  
  ef0715dda4271bc9918e032fcd734a1c1e405c8a
- SHA256
  
  c54c717ccac46230fb0ed7b0c773a889659de0b3039825c0fbf20bd5544954d5
- SHA512
  
  06007bb9703d65fe0d5aca44190373a8dce830e04d8a08694c34d0ffdf06e0460c9214eddd15ae9733e6d31c496ce0c2c4fd7c255ff944ed746ed8db41731bfa
- SSDEEP
  
  192:fEAVKRzRqIQqWxDxI9xxz8I9DZ8aT5sdg3wp6vc3cdcgPToPVx3BPBvBhBOcRcOk:3VKRzRtWxDxI9xxwI9D6aT5sdJK0EZ8m
Score

5^/10

discovery
- Drops file in System32 directory
behavioral3 behavioral4
- Target
  
  email-plain-1.txt
- Size
  
  2KB
- MD5
  
  def5f472670faf67d96bc6b7cbf56515
- SHA1
  
  9a34e337c099be27ccc32ce39000b9abeba810b6
- SHA256
  
  e09536bdf5f5b172340cc2ad418143350a969ebf2cbcb87be1441cbeffc23a10
- SHA512
  
  f49ef3dbb941f9a30a2c95b39c69cfb23c42f1ab73cb37a155890d0502c98220243beec5844dda87893493b2756c4ae5eeaab35b05dcf77d6d05d7646cc48823
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

purelogstealerdiscoverystealer

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6