purecrypter | 5db56a2a691ad99d68488038487b9ce2[.]bin | Triage

Sharing

General

Target

5db56a2a691ad99d68488038487b9ce2.bin
Size

1.2MB
MD5

0029f018e1c804437a5453332f09da11
SHA1

3dbef0075b0a8909f999d0b2e8b6ae65f4cb2caa
SHA256

305539bf47f742465383068b3b5cd82e887cc88d327333bad9bfb3cba785c06b
SHA512

a81e7477775c8875e74664f54d38ce92dd229ec2d4e08707ce5dfad57178034616dc3f0cc2704b1e1e7a0de06597153d193ac4f9030ca824ebaeea6da949441a
SSDEEP

24576:XUEnLaQ+aluktAYImJeFjiQZw4XPa98Wy8WzvNh+ZyLMS:XUQj+0jXImJeFVwCP683NNhCS

Score

10^/10

loader purecrypter

Malware Config

Signatures

Detect PureCrypter injector 1 IoCs

resource	yara_rule
static1/unpack001/cee061e30661c66afd79c2db18777cf4555e3d98b1efff521d1007a5c16b815d.dll	family_purecrypter

Purecrypter family
purecrypter

Files

5db56a2a691ad99d68488038487b9ce2.bin
.zip

Password: infected
cee061e30661c66afd79c2db18777cf4555e3d98b1efff521d1007a5c16b815d.dll
.dll windows x86

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ