purecrypter | 36199b53f78244d35cdb75f088e4c63b_JaffaCakes118 | Triage

Sharing

General

Target

36199b53f78244d35cdb75f088e4c63b_JaffaCakes118
Size

15KB
MD5

36199b53f78244d35cdb75f088e4c63b
SHA1

2215ed59538f0560920add89bfff9aa443714ec8
SHA256

7086f1bad84429dbd77ddfa5eeda3339c82c11bd18cb792c3cd027e924976fec
SHA512

35cad9ee38ab22da4148dbec7814eeabdc11f62f614a6c8572c1c804e207931938e2b52418d3b7b88a7c376f39e83c864fa0168625ecb1b1e7030f9d91c23e30
SSDEEP

384:VJYXWV5jsuQI5byesv4mZmcpsd8uCnA0KGY:v9V5jsdI56Ec2dp6vKGY

Score

10^/10

purecrypter

Malware Config

Extracted

Family

purecrypter

C2

https://store2.gofile.io/download/8ce405ad-0ec4-4b82-9f2d-8d4ceab524d7/Lotrcnlgrg.dll

Signatures

Purecrypter family
purecrypter

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/INQRY-71416-S2-1109972-pdf.exe

Files

36199b53f78244d35cdb75f088e4c63b_JaffaCakes118
.rar
INQRY-71416-S2-1109972-pdf.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ