purecrypter | Fn Cheetos(2)[.]zip | Triage

Sharing

General

Target

Fn Cheetos(2).zip
Size

26KB
MD5

21d1df958a3e4f257e05e850070a87bd
SHA1

9f00717bd864958b3c8ca9e7666f120029af114b
SHA256

868236b1d2af78d95d70b48ecbaff46082e9e268693300e4fcc367ed78e90893
SHA512

3690a17034d230c5334c1b35b285330182517165fb15d5e369ba28473b9981bdbecdca726c1937b33924e41ea979d5ed2dc40315a2883f4db68a12378d8fa7c2
SSDEEP

768:G1bOx6gd0EOv6Wo3DZsaJuaS8Ud5571/EEFq:Gq6LV6WkD2Gufd5N1/EEFq

Score

10^/10

purecrypter

Malware Config

Extracted

Family

purecrypter

C2

https://files.catbox.moe/oe71uc.mp4

Signatures

Purecrypter family
purecrypter

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Fn Cheetos(2)/main.exe

Files

Fn Cheetos(2).zip
.zip

Password: qqq
Fn Cheetos(2)/main.exe
.exe windows x64

Password: qqq

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Fn Cheetos(2)/pass.txt