purecrypter | ad918477a60ad0ec51338bd30df7bfdf[.]bin | Triage

Sharing

General

Target

ad918477a60ad0ec51338bd30df7bfdf.bin
Size

3KB
MD5

1c4d6bf99804ad6fdfa69fafd07caf11
SHA1

12cb859877c6ab03a3332b65552680c4a7e9e1ea
SHA256

d76b309d7faae0887d9f2d9f67399434a90edfe93eebefd3366a53fdc99c709c
SHA512

ed41fcddaaef1b0cb40d0a235545cc5b3fc75fa130c9df4cc0f95b92bb61452933b2e2290a9e0ab227cd8f0496326a0528db1938699d9002d2275fb1db978152

Score

10^/10

purecrypter

Malware Config

Extracted

Family

purecrypter

C2

https://360.asesoriaenfarmacias.com/Rwnpjrqq.vdf

Signatures

Purecrypter family
purecrypter

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/c36f49ce80e9ad92355502e044e74966cdcb1fb64f98da33d23ffc98f80cb067.exe

Files

ad918477a60ad0ec51338bd30df7bfdf.bin
.zip

Password: infected
c36f49ce80e9ad92355502e044e74966cdcb1fb64f98da33d23ffc98f80cb067.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ