purecrypter | fdd2f22f85ac82786f7614f0f9bda182[.]bin | Triage

Sharing

General

Target

fdd2f22f85ac82786f7614f0f9bda182.bin
Size

1.2MB
MD5

da7b64bd81a563e8974fa84ce98f6ed6
SHA1

4062adcbb099942f8edee450d522085df8980458
SHA256

1fe05c6f5959acd30984e6413e7153b8517840e02ab3cdeffeeaeb84c7ce8650
SHA512

7726161879410473159b45ddc8cd51a429da2c63e921ac19cd267766c8a45579dc6e7d7ec6040efbc706fc7ac9b1015f68b5aaae41f981db39e8d79b1b75ee83
SSDEEP

24576:jYee5BpC1ZNaRmQL0MXMlE8GSulh8dT/LQ4hreES+MPGjNb7ET:w5K/QLZXIE8G3lh8dnQ454wBS

Score

10^/10

loader purecrypter

Malware Config

Signatures

Detect PureCrypter injector 1 IoCs

resource	yara_rule
static1/unpack001/2ca156b0edea7b919b4c5e87ea24609b57c730b16a4303baf8946ebc02f7edaa.dll	family_purecrypter

Purecrypter family
purecrypter

Files

fdd2f22f85ac82786f7614f0f9bda182.bin
.zip

Password: infected
2ca156b0edea7b919b4c5e87ea24609b57c730b16a4303baf8946ebc02f7edaa.dll
.dll windows x86

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ