purecrypter | New_June_Inquiry_List_pdf[.]exe | Triage

Sharing

General

Target

New_June_Inquiry_List_pdf.exe
Size

16KB
MD5

591e267c3c3fc95e1b84ee7843020a21
SHA1

45f9b427710eac28329970920abf210cc69756eb
SHA256

c522f03de2ed9ba6ab245531894530cbccdf2f32feade620101554f8cec45343
SHA512

4cb9933d4a834757c62d2b64456fa6883a6e240aa1510e47c0f971acc1098d49921d48b9fd52554c0e4c33331612c030172b1224ebdf00501037e1793fa8288f
SSDEEP

384:zJWPGVN7vW2AKzfqtCjVE8Oe9+XDunbDG3WqylW:zJW4nTqWEDDunXGu

Score

10^/10

purecrypter

Malware Config

Extracted

Family

purecrypter

C2

https://ipedpk.com/Trashh/Ckklfnqgat.mp4

Signatures

Purecrypter family
purecrypter

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
New_June_Inquiry_List_pdf.exe

Files

New_June_Inquiry_List_pdf.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ