purecrypter | 1d3193d3f4806b993f8bf3874f0bfbacfedd860a82ed8b6ab26a9a0d30338a7d | Triage

Sharing

General

Target

JaffaCakes118_1d3193d3f4806b993f8bf3874f0bfbacfedd860a82ed8b6ab26a9a0d30338a7d
Size

715.8MB
Sample

241223-2ftpnatldx
MD5

6697e2951a46bee77fcbd59321c8fc06
SHA1

c8966259d2aa9c216f173f566f3962531b405f10
SHA256

1d3193d3f4806b993f8bf3874f0bfbacfedd860a82ed8b6ab26a9a0d30338a7d
SHA512

fe2be9aeb203bcc81c205e833a1ed9a698cf6edc82053431a34e8d84f2447e9bcaddda11ff4a5b93df7a45ffcd2a6c4f483907f30326d6ce43faf9ee2ffdb1c1
SSDEEP

1536:3rae78zjORCDGwfdCSog013131Zs5gW0MuiNcL3IIG4BLpre1ID1PxY3hBq:dahKyd2n31F253ObL3IIG4xle1IVxGq

Score

10^/10

purecrypter discovery downloader loader persistence

Malware Config

Extracted

Family

purecrypter

C2

http://comicmaster.org.uk/img/css/design/fabric/bo/Kvxut.dat

Targets

- Target
  
  JaffaCakes118_1d3193d3f4806b993f8bf3874f0bfbacfedd860a82ed8b6ab26a9a0d30338a7d
- Size
  
  715.8MB
- MD5
  
  6697e2951a46bee77fcbd59321c8fc06
- SHA1
  
  c8966259d2aa9c216f173f566f3962531b405f10
- SHA256
  
  1d3193d3f4806b993f8bf3874f0bfbacfedd860a82ed8b6ab26a9a0d30338a7d
- SHA512
  
  fe2be9aeb203bcc81c205e833a1ed9a698cf6edc82053431a34e8d84f2447e9bcaddda11ff4a5b93df7a45ffcd2a6c4f483907f30326d6ce43faf9ee2ffdb1c1
- SSDEEP
  
  1536:3rae78zjORCDGwfdCSog013131Zs5gW0MuiNcL3IIG4BLpre1ID1PxY3hBq:dahKyd2n31F253ObL3IIG4xle1IVxGq
Score

10^/10

purecrypter discovery downloader loader persistence
- PureCrypter
  PureCrypter is a .NET malware loader first seen in early 2021.
  loader downloader purecrypter
- Purecrypter family
  purecrypter
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

purecrypterdiscoverydownloaderloaderpersistence