General
-
Target
bubble_extracted.7z
-
Size
1.4MB
-
Sample
250424-yzjr1syj16
-
MD5
90c60556d3c607805fd86b1a5ea635ac
-
SHA1
ae7ae220b02b9475822d5ba8727a3210332e82ca
-
SHA256
be77d8d3e23e4d5c96d8281162daa7554eef1683a5d5c9d8aa03454734ebb109
-
SHA512
889b5813b28d52f85e9eeb4a8ad6a2639bb9754b3e7d089c99208f16e2cedf2fb80b707a571ddff1e9ff5e29f2822224ace75b3877e1434cbef86995b621892f
-
SSDEEP
24576:mM+VNbszISF1byxG7mCgnG5YtyOGvq7V5BcZZBjCCXKvG7RF/EqHYN2UA3Zeh:mwcu1byw7mCgnG5GyjivoC8EORF/E0K9
Behavioral task
behavioral1
Sample
05d48395-837a-49fa-8170-a9b789370bbe.dll
Resource
win10v2004-20250314-en
Behavioral task
behavioral2
Sample
05d48395-837a-49fa-8170-a9b789370bbe.dll
Resource
win11-20250410-en
Behavioral task
behavioral3
Sample
Newtonsoft.Json.dll
Resource
win10v2004-20250410-en
Behavioral task
behavioral4
Sample
Newtonsoft.Json.dll
Resource
win11-20250410-en
Behavioral task
behavioral5
Sample
ReaLTaiizor.dll
Resource
win10v2004-20250314-en
Behavioral task
behavioral6
Sample
ReaLTaiizor.dll
Resource
win11-20250410-en
Behavioral task
behavioral7
Sample
SevenZipSharp.dll
Resource
win10v2004-20250314-en
Behavioral task
behavioral8
Sample
SevenZipSharp.dll
Resource
win11-20250410-en
Behavioral task
behavioral9
Sample
upd.exe
Resource
win10v2004-20250314-en
Behavioral task
behavioral10
Sample
upd.exe
Resource
win11-20250410-en
Malware Config
Extracted
gozi
Extracted
purecrypter
https://cdn.discordapp.com/attachments/1000747213397426258/1003112003574956072/upd_Awqcktbs.jpg
Targets
-
-
Target
05d48395-837a-49fa-8170-a9b789370bbe.dll
-
Size
7.3MB
-
MD5
b23bad75a7e05cef79beca5e83ab8430
-
SHA1
49915b2248277bcdcc630cd917c7b24b6c21ef31
-
SHA256
f5dc50444057a586ff44c3c6f84a213531ab9f115fd05d7bc321b17a54f9a4e1
-
SHA512
540ae85e69ff63a97dafde813bbaf1256e0c87b1a58b8768277f74d8bb73786b151df29f823788b036832d4c29d4cbd6193e77260c6721cfffc7cfc4685cd872
-
SSDEEP
98304:adDTHppTQBzjYz067yqu/mnFQOi33nFbO4KSgPTPgS8NAvKBUuYW2b/i2BoWow//:yM2PrW2UsCX+H
Score
1/10
-
-
Target
Newtonsoft.Json.dll
-
Size
678KB
-
MD5
8a5e8bb8e0caad41d88c75223009f110
-
SHA1
cddad5b3b761f8a6762b9ba6e5a5526d49c91339
-
SHA256
57ed3a8b06c3ee40450d175eae8058edd164c20e95644614cc497cefdea01a00
-
SHA512
5a3a3adf0d40747f0cfa3348248b44033bd5f231031c8b8a3cc0d8c9dd71e9d4d3967c84bd1c38a8741904a76e7963096948dde8d71d2362824d11056b9fc26e
-
SSDEEP
12288:U9BzaPm657wqehcZBLX+HK+kPJUQEKx07N0TCBGiBCjC0PDgM5j9FKjc3:U8m657w6ZBLmkitKqBCjC0PDgM5
Score
1/10
-
-
Target
ReaLTaiizor.dll
-
Size
6.1MB
-
MD5
a5fc49ea61764ff45785f80144f7fa5d
-
SHA1
65e04e43e541b3a486e223b092fe87da7491055c
-
SHA256
d02c6aee20d595fe56d764ac36f287d9f38192eda22c3918d2700b76fb1f01e3
-
SHA512
d16c16dfa71dc511b8a51663a834629c9d07e8cd6b1fab24f651c6a7a3b76ee01a949bb7e638042a5b66d4f3c3d25583cd5f583f57b8cf830de760159c0bb9a9
-
SSDEEP
98304:mdDTHppTQBzjYz067yqu/mnFQOi33nFbO4KSgPTPgS8NAvKBUuYW2b/i2BoWow/0:eM2PrW2U
Score
1/10
-
-
Target
SevenZipSharp.dll
-
Size
147KB
-
MD5
05c9849856abc683bcbc5c8d7921c146
-
SHA1
ad8ec49116b026eee2dd04d6434ede7ddce9734d
-
SHA256
49284b31f28d0a62d797cfcf17f464c8c2b22b29d0e8ab7c15c94724d83e595c
-
SHA512
c0bfb5d987fe06eba3a7b0f0c73e24cc74935a8d1efd8a79d64b36c56d498532e453049715fb8c1509eda50a0a2f1213ce67d1edaf6bfcb200e0be58af67ea5e
-
SSDEEP
3072:auMYWaB5+DBS4+aYX/PzJiXyjdZXUtd6uEhd/yZcvdUCG:auMYD7gJY1iXyjb
Score
1/10
-
-
Target
upd.exe
-
Size
141KB
-
MD5
f45d7b351cc6417da06c7cd9247df80d
-
SHA1
a3c07f5e38456ffb0545c0bd85444d89ce972e9f
-
SHA256
4dc32bf8f52a30c9c30e876afeeb1621f0028222e6f194c95a72926fd1b2c259
-
SHA512
5cb78c2b6d79b4873a63b213dfea8b660c541bce8310f3c8cc6fab1df1bbf9dc036c5fbff7d366e398c542d1c119236f9a3cfccd9ad36ff59bbf6ee1a04183da
-
SSDEEP
3072:Lyts26Q/bJveWDpppppppppppppppppppppphxM+Dxr:WC2ispppppppppppppppppppppFM+Dx
Score
10/10
PureCrypter
PureCrypter is a .NET malware loader first seen in early 2021.
-
Purecrypter family
-