MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 4f7c1bbdcb720b61add93c7b7370f3b6041276f4cd58a05b69aaa189ba43aa26. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

PureCrypter

Vendor detections: 4

Intelligence 4 IOCs YARA 8 File information Comments

SHA256 hash:	4f7c1bbdcb720b61add93c7b7370f3b6041276f4cd58a05b69aaa189ba43aa26
SHA3-384 hash:	2ff5964aabcb1ed655f2a9469faf7465bf479bf1e13fa6b98d146cea7f82bf1b43f603a8e11a9134072beb1bdb3fb237
SHA1 hash:	3cbd5036e0a9c345371d50422b621903a7dfc190
MD5 hash:	ed21eadfce1edefe216a98a5af9d67aa
humanhash:	fish-lake-wyoming-north
File name:	árajánlatkérés.img
Download:	download sample
Signature	PureCrypter Create hunting rule
File size:	239'616 bytes
First seen:	2025-03-05 06:58:25 UTC
Last seen:	Never
File type:	img
MIME type:	application/x-iso9660-image
ssdeep	3072:iMPf6ZE79630T4303O2AaFMM/AgYXMl9iKq35MBhlX8FaJ:iMDm2Amb1t
TLSH	T154348637B68A85B1D2506736C4E7252007B5FA8166F3DB0FBD8E13DA0A537AB9C5070B
TrID	88.5% (.NULL) null bytes (2048000/1) 11.0% (.HTP) HomeLab/BraiLab Tape image (256000/1) 0.2% (.ATN) Photoshop Action (5007/6/1) 0.1% (.ISO) ISO 9660 CD image (2545/36/1) 0.0% (.BIN/MACBIN) MacBinary 1 (1033/5)
Magika	iso
Reporter	smica83
Tags:	HUN img purecrypter

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

File Archive Information

This file archive contains 1 file(s), sorted by their relevance:

File name:	árajánlatkérés.mg.exe
File size:	186'880 bytes
SHA256 hash:	2852c2dffd46554bf1f3ceede3a30574a52215ee3a311759fdf59d024c82121a
MD5 hash:	a2b1766a61d1db66343b1ec2f7e9c59c
MIME type:	application/x-dosexec
Signature	PureCrypter

Vendor Threat Intelligence

Detection(s):

SecuriteInfo.com.Win32.CrypterX-gen.15231.7157.UNOFFICIAL

Verdict:

Malicious

Score:

81.4%

Link:

https://cyber-fortress.com/docs/result/index.php?id=67c7f860c668b65489bf1552

Tags:

virus

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/4f7c1bbdcb720b61add93c7b7370f3b6041276f4cd58a05b69aaa189ba43aa26/

Threat name:

Win32.Trojan.Jalapeno

Status:

Malicious

First seen:

2025-03-05 06:59:13 UTC

File Type:

Binary (Archive)

Extracted files:

AV detection:

16 of 23 (69.57%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=j56bxpoloifwdlozhr5xg4htwycbe5xuzvmkaw3jvkqytosdvita._file

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/4f7c1bbdcb720b61add93c7b7370f3b6041276f4cd58a05b69aaa189ba43aa26

YARA Signatures

MalwareBazaar uses YARA rules from several public and non-public repositories, such as YARAhub and Malpedia. Those are being matched against malware samples uploaded to MalwareBazaar as well as against any suspicious process dumps they may create. Please note that only results from TLP:CLEAR rules are being displayed.

Rule name:	Lumma_Stealer_Detection Create hunting rule
Author:	ashizZz
Description:	Detects a specific Lumma Stealer malware sample using unique strings and behaviors
Reference:	https://seanthegeek.net/posts/compromized-store-spread-lumma-stealer-using-fake-captcha/

Rule name:	NET Create hunting rule
Author:	malware-lu

Rule name:	pe_imphash Create hunting rule

Rule name:	Skystars_Malware_Imphash Create hunting rule
Author:	Skystars LightDefender
Description:	imphash

Rule name:	SUSP_EXE_in_ISO Create hunting rule
Author:	SECUINFRA Falcon Team
Description:	Detects ISO files that contains an Exe file. Does not need to be malicious
Reference:	Internal Research