purecrypter | 1d959cf6e366a2217cfef71d9df9e9835c2b1bd7e21b73f345ca621fb05e289e

General

Target

1d959cf6e366a2217cfef71d9df9e9835c2b1bd7e21b73f345ca621fb05e289e
Size

6KB
MD5

aaa9c629b1c73e539c1d8dc97cac6175
SHA1

6702bd76f35e36fb8d30584feea90157fa77ca05
SHA256

1d959cf6e366a2217cfef71d9df9e9835c2b1bd7e21b73f345ca621fb05e289e
SHA512

537d78c8bf759b5b3d41dbc09944fce2324c62ecfd27f5b7ae8d3ac7fab90b2fe8625685b0a54c441fc604042a32daa5b5f2a27013d38e8b77bbebdba1b1c12b
SSDEEP

192:nsJNSQh/bcHCJXvxUIzx512WTQcBYsJ2z0ak3Cao3f:nKM+BJXvPV2/cB/cVkyxf

Score

10^/10

purecrypter

Family

purecrypter

C2

https://dweb.link/ipfs/QmQZwo24sTz9krEKDvs4oFbPqeZq6ECYP81aqMx2Bdc7ES?filename=Mnzxgfx_Rbhpuzuo.jpg

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ea8df8dbe183507d1a924a7af3ed3e394f61830745074659744cbf6e60724891

1d959cf6e366a2217cfef71d9df9e9835c2b1bd7e21b73f345ca621fb05e289e
.zip

Password: infected
ea8df8dbe183507d1a924a7af3ed3e394f61830745074659744cbf6e60724891
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ