purecrypter | f383d1763dcdc1e2067ceb0a8a991e4c[.]bin | Triage

Sharing

General

Target

f383d1763dcdc1e2067ceb0a8a991e4c.bin
Size

1.2MB
MD5

4c870c848be339d9272a368e476f04d0
SHA1

3e0c2e8f662fd5dabc967203906c1b27b4697eac
SHA256

93052a226e8ae993c31d7c6decef10a924e143231281a4aa46119d6584ee72ba
SHA512

c6eeb004875a97b0a3d017c4a0d2309a1153bb909ebe3cd0ef8cd72febc7d9862af0078ca983c2e5243ac87d731ee19b6775fb4fbaa95955c1cef7e28984a784
SSDEEP

24576:lBBBnXW4t7Zg88ngOIZiQQsioiH2h1KQuPk2uygOAydKHL5ym+x2E:n3bjssioikUlTBanHS

Score

10^/10

loader purecrypter

Malware Config

Signatures

Detect PureCrypter injector 1 IoCs

resource	yara_rule
static1/unpack001/7807253caffdfc2273c16860e7bf893d835d9ce2c2c2dd65f4af9552e8e2e398.dll	family_purecrypter

Purecrypter family
purecrypter

Files

f383d1763dcdc1e2067ceb0a8a991e4c.bin
.zip

Password: infected
7807253caffdfc2273c16860e7bf893d835d9ce2c2c2dd65f4af9552e8e2e398.dll
.dll windows x86

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ