purecrypter | 2261e72f0d0b2f0ffbc284c0ba81ed231990bb1f29d6538a6ba1f86831e13ad3 | Triage

Sharing

General

Target

f85fffaeb5a6b1d4c2e88fcd3f1eae19_JaffaCakes118
Size

74KB
Sample

240926-ppbtzsxblq
MD5

f85fffaeb5a6b1d4c2e88fcd3f1eae19
SHA1

1f5bab84b27438a032c44beae8ff6c06fe6934b7
SHA256

2261e72f0d0b2f0ffbc284c0ba81ed231990bb1f29d6538a6ba1f86831e13ad3
SHA512

b4b13f470fe7768c06447cb60a986c0223d958375f55cc4370f88c9a4c8fbe0ce1d83acaebd403325147548b0eb53bbbcc4ae364f9fe2081560bbe29489eb858
SSDEEP

384:xFNCkrP6b4TZcdr4SAJlCqe5OThQYuMnJA700eTxzxkx+xMx4ZxDvpVIecOzZuO2:vrP6bQl4qnJA700yvP

Score

10^/10

purecrypter downloader loader

Malware Config

Extracted

Family

purecrypter

C2

https://store2.gofile.io/download/c0f09c5b-4af1-4366-b250-a13825e99334/Oxucssglmojl.dll

Targets

- Target
  
  f85fffaeb5a6b1d4c2e88fcd3f1eae19_JaffaCakes118
- Size
  
  74KB
- MD5
  
  f85fffaeb5a6b1d4c2e88fcd3f1eae19
- SHA1
  
  1f5bab84b27438a032c44beae8ff6c06fe6934b7
- SHA256
  
  2261e72f0d0b2f0ffbc284c0ba81ed231990bb1f29d6538a6ba1f86831e13ad3
- SHA512
  
  b4b13f470fe7768c06447cb60a986c0223d958375f55cc4370f88c9a4c8fbe0ce1d83acaebd403325147548b0eb53bbbcc4ae364f9fe2081560bbe29489eb858
- SSDEEP
  
  384:xFNCkrP6b4TZcdr4SAJlCqe5OThQYuMnJA700eTxzxkx+xMx4ZxDvpVIecOzZuO2:vrP6bQl4qnJA700yvP
Score

10^/10

purecrypter downloader loader
- PureCrypter
  PureCrypter is a .NET malware loader first seen in early 2021.
  loader downloader purecrypter
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

purecrypterdownloaderloader

behavioral2

purecrypterdownloaderloader