Behavioral task: behavioral1
Sample: Product list.scr
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: Product list.scr
Resource: win10v2004-20240226-en
General
Target: ec5d3735d3fbc85b1ba98cce0ecd8318c1dc0118d112b3c2e00cead058aa2db7
Size: 110KB
MD5: 600c5daf359d5d9a67f79ff421519812
SHA1: 1a0d96937257b162b2d700d166948dc9c2ef2ece
SHA256: ec5d3735d3fbc85b1ba98cce0ecd8318c1dc0118d112b3c2e00cead058aa2db7
SHA512: 7af1d23da075c62eb1a22ca711f1813454e1d0ce3f4b0abb82b9497c5c06843a7910d039e2c62fc9f710ad5acdcbdd08fe9c17a60ed88ef2296935bf78c0640b
SSDEEP: 3072:udHQGs/wjjjpvFi15A/eNjIb5jw5pzASsrI:PGs/Mjjpvo15AWhINEkSsE
Malware Config
Signatures
PureLog Stealer payload (1 IoCs)
Processes:
resource: static1/unpack001/Product list.scr
yara_rule: family_purelog_stealer
Purelogstealer family
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
Processes:
resource: unpack001/Product list.scr
Files
ec5d3735d3fbc85b1ba98cce0ecd8318c1dc0118d112b3c2e00cead058aa2db7.rar
Product list.scr.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 254KB - Virtual size: 254KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ