Analysis of PureCrypter, another modular loader 🖼️

PureCrypter is yet another modular loader widely used by threat actors to distribute their malware. SEKOIA assess that loaders will continue to be popular among threat actors, as this malware family notably avoids static detection by antivirus software. Encryption of the second-stage and the final payloads, as well as implemented anti-analysis techniques, further complexify detection and analysis.

We published results of our in-depth analysis in the FLINT 2022-051 - PureCrypter: a widely used loader distributing a variety of malware.

changelog_flint_051.png

To provide our customers with actionable intelligence, SEKOIA analysts will continue to track PureCrypter, analyse malware technical evolution and keep an eye on threats distributed by the loader.

Related resources:

What do you think about this update?