purecrypter | Remittance of $76,000[.]00-pdf[.]gz | Triage

Sharing

General

Target

Remittance of $76,000.00-pdf.gz
Size

3KB
MD5

356d46d40500336b4957b9afee5d8efa
SHA1

1176da001c195199b05d3df07f14b2a6f6346fbb
SHA256

777530c2f0d12654c4f47b987f2c8bf18b3afd040d4c9057ea37b2d52e423ff5
SHA512

53255bed3c17acce701b8444db8a7c5e941d03e97119b4f2cd9a4a54b98e7bd01e3abee10682e1fe15a424c268d2c68a8927943fff34f4fea9873ce10b7ce9ae

Score

10^/10

purecrypter

Malware Config

Extracted

Family

purecrypter

C2

http://85.31.45.42/Hmumry.png

Signatures

Purecrypter family
purecrypter

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Remittance of $76,000.00.exe

Files

Remittance of $76,000.00-pdf.gz
.rar
Remittance of $76,000.00.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ