Behavioral task
behavioral1
Sample
New Project Sets KV222LLV1.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
New Project Sets KV222LLV1.exe
Resource
win10v2004-20240611-en
General
-
Target
6b2ef408d4ea2f49033f4dba4400d2d81501db5aad6c0ad5f4959f1d4aea5f59.zip
-
Size
3KB
-
MD5
bc797b2627159d7fef411eb615525956
-
SHA1
bd8dc0d4037423c6a808a69ef7d772919ce59077
-
SHA256
6b2ef408d4ea2f49033f4dba4400d2d81501db5aad6c0ad5f4959f1d4aea5f59
-
SHA512
c4df8318c657f9242295db734e151ca85940ed2bef5eedcebf68826eaf1d61750683b547fc2f101a0dd93a0d7bd13fd61291428855e56ed09edde243a20ffbb8
Malware Config
Extracted
purecrypter
https://360.asesoriaenfarmacias.com/Jhacc.dat
Signatures
-
Purecrypter family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack002/New Project Sets KV222LLV1.exe
Files
-
6b2ef408d4ea2f49033f4dba4400d2d81501db5aad6c0ad5f4959f1d4aea5f59.zip.zip
-
Quote Sample Specification.iso.iso
-
New Project Sets KV222LLV1.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ