General
-
Target
64b58794801f282e92571676e3571afc5c59033c262406bf0d36e1d6ef3cda6a.zip
-
Size
897KB
-
Sample
240826-t1sn4aveqq
-
MD5
df5a0ba6bc7ccffeec50ade2a0b844bc
-
SHA1
76ced91f849a4067152a5069c42d138018d307b7
-
SHA256
a9cbd4871bff21deb079925733bf4b5318fda799a5e3cc47c63b080015688890
-
SHA512
5ddbdbbbe3f2c54ef29f7e84ea662bbaff07ce872f8812434ec29fb985767de8d3224188dc7aea596055cef214d8d5555910fe96619467f6d1e9887712cd6e71
-
SSDEEP
24576:OaVti84EAFKhnXAxnzIT3eBqsiGyQKC13TN:Oa7PtAFKWmapyQKW
Behavioral task
behavioral1
Sample
64b58794801f282e92571676e3571afc5c59033c262406bf0d36e1d6ef3cda6a.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
64b58794801f282e92571676e3571afc5c59033c262406bf0d36e1d6ef3cda6a.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
64b58794801f282e92571676e3571afc5c59033c262406bf0d36e1d6ef3cda6a.exe
-
Size
924KB
-
MD5
de64bb0f39113e48a8499d3401461cf8
-
SHA1
8d78c2d4701e4596e87e3f09adde214a2a2033e8
-
SHA256
64b58794801f282e92571676e3571afc5c59033c262406bf0d36e1d6ef3cda6a
-
SHA512
35b7cdcfb866dcdc79be34066a9ad5a8058b80e68925aeb23708606149841022de17e9d205389c13803c01e356174a2f657773df7d53f889e4e1fc1d68074179
-
SSDEEP
24576:NAHFp2K15zXnjfQb6+jFb5RIAJTOcA4gnPdCPPd7wm:WHf15zM5JbtA4wPdCnd75
Score10/10-
PureLog Stealer payload
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-