purecrypter | file[.]gz | Triage

Sharing

General

Target

file.gz
Size

1.3MB
MD5

1fbb38a076974e7096240433fe11273c
SHA1

0fefab8c4375e0671d5c25dcc7e63fc416c49426
SHA256

c0cfa03c73a2b89cbe7567c333b262a15cbb4c24c0bcb225db1ad0e6f0f0c5d0
SHA512

270ea7594f2fa32cb3b65fbd2fb1deef1199e703771d06aa4da334f108ef04f320fffb726f4213158d4c4c5a7b3db793fb05a772cb7f97c75e679f31f2542d89
SSDEEP

24576:DmsXTz7wVedFFxd6LUOngGuFgRdSu5/Tep2CD5PqNHXe5:DzDzXF04OngGvdV5/yICDkNHXe5

Score

10^/10

loader purecrypter

Malware Config

Signatures

Detect PureCrypter injector 1 IoCs

resource	yara_rule
static1/unpack001/sample	family_purecrypter

Purecrypter family
purecrypter

Files

file.gz
.gz
sample
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ