purecrypter | 6b2ef408d4ea2f49033f4dba4400d2d81501db5aad6c0ad5f4959f1d4aea5f59[.]zip | Triage

Sharing

General

Target

6b2ef408d4ea2f49033f4dba4400d2d81501db5aad6c0ad5f4959f1d4aea5f59.zip
Size

3KB
MD5

bc797b2627159d7fef411eb615525956
SHA1

bd8dc0d4037423c6a808a69ef7d772919ce59077
SHA256

6b2ef408d4ea2f49033f4dba4400d2d81501db5aad6c0ad5f4959f1d4aea5f59
SHA512

c4df8318c657f9242295db734e151ca85940ed2bef5eedcebf68826eaf1d61750683b547fc2f101a0dd93a0d7bd13fd61291428855e56ed09edde243a20ffbb8

Score

10^/10

purecrypter

Malware Config

Extracted

Family

purecrypter

C2

https://360.asesoriaenfarmacias.com/Jhacc.dat

Signatures

Purecrypter family
purecrypter

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack002/New Project Sets KV222LLV1.exe

Files

6b2ef408d4ea2f49033f4dba4400d2d81501db5aad6c0ad5f4959f1d4aea5f59.zip
.zip
Quote Sample Specification.iso
.iso
New Project Sets KV222LLV1.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ