purecrypter | f170fd20713fd75cab9e7f107f099e9a[.]bin | Triage

Sharing

General

Target

f170fd20713fd75cab9e7f107f099e9a.bin
Size

1.2MB
MD5

1f562783751f99150cd106eac09ace52
SHA1

84d7bccc328d73319e044133b8773777ca760702
SHA256

2011f38290da194b4dd4a7c0b9af2f9c8a627c05db4bf0fc26595a473ad9b616
SHA512

ecbc3c68f60308c2cb90022d8e3867efab3dc29861f947896ce40352b2e4949fe5822b0ccb24ee0df3ecbfa040506ed9f9a020da018200955eaa032da344d745
SSDEEP

24576:S0ExDphq5/e6tcGvw3oJdZrAj7q0Zk3gCX2+pmYqN5ZUol61RYIbj9HJVi0:ST3w/e6tcuuFkwCX2OVqN5ZxENnbVi0

Score

10^/10

loader purecrypter

Malware Config

Signatures

Detect PureCrypter injector 1 IoCs

resource	yara_rule
static1/unpack001/46962910101f24cea5430b64f9ff9830585a94824b8835c452c36e2db74ed033.dll	family_purecrypter

Purecrypter family
purecrypter

Files

f170fd20713fd75cab9e7f107f099e9a.bin
.zip

Password: infected
46962910101f24cea5430b64f9ff9830585a94824b8835c452c36e2db74ed033.dll
.dll windows x86

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 812B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ