purecrypter | 3d7b1276251e4f31fe0777a4f7f53073a65db3cb7678f9a0e229fbad8eac0599 | Triage

Sharing

General

Target

JaffaCakes118_3d7b1276251e4f31fe0777a4f7f53073a65db3cb7678f9a0e229fbad8eac0599
Size

81KB
Sample

241225-sjjjeswnhk
MD5

5fb81461702b9fdb75d3f195031a58ed
SHA1

47b9a52f0d2c49bf7fec8e07d734307cf2e3918f
SHA256

3d7b1276251e4f31fe0777a4f7f53073a65db3cb7678f9a0e229fbad8eac0599
SHA512

60372c8958e1dafe6499c148b3acf1efd2085d6a320fa3b9168d147c4ae78ffe59465d7c7c454e8b1cae28f2bff9bc3909c65ea18453e006622ec7d21b5b0c2d
SSDEEP

1536:qDP0FVZkqvyNSkm8ED/7IOu3/Un09LBuuzkEkTn:qey9mXD/s/3ZubTn

Score

10^/10

purecrypter discovery downloader loader persistence

Malware Config

Extracted

Family

purecrypter

C2

https://www.filifilm.com.br/images/colors/purple/Lbbtd.jpeg

Targets

- Target
  
  MetaMansionSetup.exe
- Size
  
  668.1MB
- MD5
  
  52172aa6b69b63f2d1ad54aa7f6361f5
- SHA1
  
  1967368c2a958bd1ff4dc2a0a861d9276f42cfe5
- SHA256
  
  67d3921c2f43568804c9d02dfc8cf36470c66b4751179549d487d663daf35d5f
- SHA512
  
  bbc3fc53a43eebdce1078f8117935b109f45761a504e26d33498ff8a71beb075132ca6186f7b8057f31210d9a680d819a643baca1b97012e0282f267680a8964
- SSDEEP
  
  1536:BI47GyTGCwiSnmQUt0LB1cIs5gsoG+sjrPxw:BvGyYiSDnt1ch5mG+svxw
Score

10^/10

purecrypter discovery downloader loader persistence
- PureCrypter
  PureCrypter is a .NET malware loader first seen in early 2021.
  loader downloader purecrypter
- Purecrypter family
  purecrypter
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

purecrypterdiscoverydownloaderloaderpersistence