all InfoSec news
Technical Analysis of PureCrypter: A Fully-Functional Loader Distributing Remote Access Trojans and Information Stealers
Security Boulevard securityboulevard.com
Key points
PureCrypter is a fully-featured loader being sold since at least March 2021
The malware has been observed distributing a variety of remote access trojans and information stealers
The loader is a .NET executable obfuscated with SmartAssembly and makes use of compression, encryption and obfuscation to evade antivirus software products
PureCrypter features provide persistence, injection and defense mechanisms that are configurable in Google’s Protocol Buffer message format
Summary
PureCrypter is actively being developed by a threat actor using the …
access analysis information information stealers loader remote access technical technical analysis trojans