purecrypter | 05502299[.]bin | Triage

Sharing

General

Target

05502299.bin
Size

3KB
MD5

82490566dfd6092c11dfdf68f408392c
SHA1

fb5fda92591ae62601be9e74c1bdbb4e1dc6af2c
SHA256

a39cc0d58861c1b3df1a65929b71441f28852a99e407921045fe5062e5c20a15
SHA512

df97978099cc74b1fdc5b9a8268437a5a36d8c73526a038ce0520e0e1b3f765a1e76bb90b861dceeb745122bf03dc6b649d664cb4a9a68fd7432ca2e7b3ef4d3

Score

10^/10

purecrypter

Malware Config

Extracted

Family

purecrypter

C2

https://files.catbox.moe/6dlgj3.mp4

Signatures

Purecrypter family
purecrypter

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/5780663f3e32e0308caa2cc657ccdcaadf393f22d2c1c3c1f5afa9f55aa136bb.exe

Files

05502299.bin
.zip

Password: infected
5780663f3e32e0308caa2cc657ccdcaadf393f22d2c1c3c1f5afa9f55aa136bb.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ