4a805b53c2beef4a5421e429826f68f20fc20a80bb21abd75b84f0e3cc4841e9

Sharing

Copy URL

Twitter E-mail

General

Target

4a805b53c2beef4a5421e429826f68f20fc20a80bb21abd75b84f0e3cc4841e9
Size

217KB
MD5

d3965ca520a87fc3ad3a874bb0bf118c
SHA1

47c46bf49be2a5f6e64c38aa8ed2ae0aacd9e6dd
SHA256

4a805b53c2beef4a5421e429826f68f20fc20a80bb21abd75b84f0e3cc4841e9
SHA512

3bcae7eabf7b6486f473647a37c394061c3f67f02386ea0df22ee3a068dc575bd56d37df38ffd35807959b7a8de480dae3b6ef80e46a58d15bc6e3448d953113
SSDEEP

3072:gE4+/O3bXDZlcowpRdGPxzeUOWoHzB/gGxT+rpPC0dLyFWOJ7GXGD7Z:Bj/OrXt5w/d19WoHzB//xTMNyFLGXGH

Score

9^/10

cryptone packer

Malware Config

Signatures

CryptOne packer 1 IoCs
Detects CryptOne packer defined in NCC blogpost.
cryptone packer

Processes:

resource yara_rule

sample cryptone

resource	yara_rule
sample	cryptone

Files

4a805b53c2beef4a5421e429826f68f20fc20a80bb21abd75b84f0e3cc4841e9
.exe windows x64

03ad72b3aab35de73c34a6f9f32f8e4d

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrlenW
lstrlenA
lstrcpynW
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcatA
WriteFile
WideCharToMultiByte
VirtualQuery
VirtualFree
VirtualAlloc
UnmapViewOfFile
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TerminateProcess
Sleep
SetUnhandledExceptionFilter
SetLastError
SetFilePointer
SetEndOfFile
SetCurrentDirectoryW
RtlUnwind
ReadFile
RaiseException
QueryPerformanceCounter
MultiByteToWideChar
MapViewOfFile
LocalFree
LocalAlloc
LoadLibraryW
LoadLibraryExW
LoadLibraryA
LeaveCriticalSection
IsValidLocale
InitializeCriticalSection
GlobalFree
GetWindowsDirectoryW
GetVersion
GetUserDefaultUILanguage
GetTickCount
GetTempPathA
GetTempFileNameA
GetSystemTimeAsFileTime
GetSystemInfo
GetSystemDefaultUILanguage
GetStdHandle
GetStartupInfoA
GetProcAddress
GetOEMCP
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoW
GetLastError
GetFileType
GetFileSize
GetFileAttributesA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCurrentDirectoryA
GetCommandLineW
GetACP
FreeLibrary
FindFirstFileW
FindClose
ExitThread
ExitProcess
EnterCriticalSection
DeleteFileA
DeleteCriticalSection
CreateThread
CreateProcessW
CreateFileW
CreateFileMappingW
CreateFileA
CreateDirectoryA
CopyFileA
CompareStringW
CloseHandle

user32

GetWindowPlacement
GetWindowRect
GetWindowTextW
GetWindowThreadProcessId
HideCaret
InflateRect
InsertMenuItemW
InsertMenuW
IntersectRect
InvalidateRect
IsCharAlphaNumericW
IsCharAlphaW
IsChild
IsClipboardFormatAvailable
GetWindowLongW
IsDialogMessageW
IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapW
LoadCursorW
LoadIconW
LoadKeyboardLayoutW
LoadStringW
LockWindowUpdate
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxA
MessageBoxExW
MessageBoxW
MoveWindow
MsgWaitForMultipleObjects
MsgWaitForMultipleObjectsEx
NotifyWinEvent
OffsetRect
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageA
PostMessageW
PostQuitMessage
PostThreadMessageA
PtInRect
RedrawWindow
RegisterClassA
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
RemovePropW
ScreenToClient
ScrollDC
ScrollWindow
SendMessageA
SendMessageCallbackA
SendMessageTimeoutA
SendMessageTimeoutW
SendMessageW
SetActiveWindow
SetCapture
SetClassLongW
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetKeyboardState
SetMenu
SetMenuItemInfoW
SetParent
SetPropA
SetPropW
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowCaret
ShowOwnedPopups
ShowScrollBar
ShowWindow
SubtractRect
SystemParametersInfoW
ToAscii
TrackPopupMenu
TrackPopupMenuEx
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassW
UpdateWindow
ValidateRect
WaitForInputIdle
WaitMessage
WindowFromDC
WindowFromPoint
LoadIconA
GetWindowDC
GetWindow
GetUpdateRect
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetPropA
GetParent
GetNextDlgTabItem
GetMessageW
GetMessageTime
GetMessagePos
GetMessageExtraInfo
GetMenuStringW
GetMenuState
GetMenuItemRect
GetMenuItemInfoW
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextW
GetIconInfo
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardFormatNameW
GetClipboardData
GetClientRect
GetClassNameW
GetClassNameA
GetClassLongW
GetClassInfoW
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowW
FindWindowExW
FindWindowExA
FillRect
ExitWindowsEx
EqualRect
EnumWindows
EnumThreadWindows
EnumDisplaySettingsW
EnumClipboardFormats
EnumChildWindows
EndPaint
EndDeferWindowPos
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextW
DrawTextExW
DrawStateW
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DeferWindowPos
DefWindowProcW
DefWindowProcA
DefMDIChildProcW
DefFrameProcW
CreateWindowExW
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateIconIndirect
CreateIcon
CountClipboardFormats
CopyImage
CloseClipboard
ClientToScreen
ChildWindowFromPointEx
ChildWindowFromPoint
CheckMenuItem
CharUpperW
CharUpperBuffW
CharUpperBuffA
CharNextW
CharLowerW
CharLowerBuffW
CharLowerBuffA
CallWindowProcW
CallNextHookEx
BeginPaint
BeginDeferWindowPos
AttachThreadInput
AnimateWindow
AdjustWindowRectEx
ActivateKeyboardLayout
IsDialogMessageA

gdi32

CopyEnhMetaFileW
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateDIBitmap
CreateEnhMetaFileW
CreateFontIndirectW
CreateHalftonePalette
CreateICW
CreatePalette
CreatePatternBrush
CreatePen
CreatePenIndirect
CreatePolygonRgn
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
Ellipse
EndDoc
EndPage
EnumFontFamiliesExW
EnumFontsW
ExcludeClipRect
ExtCreatePen
ExtFloodFill
ExtTextOutW
FrameRgn
GdiFlush
GetBitmapBits
GetBkColor
GetBrushOrgEx
GetClipBox
CombineRgn
GetCurrentObject
GetCurrentPositionEx
GetDCOrgEx
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetEnhMetaFileBits
GetEnhMetaFileDescriptionW
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetMapMode
GetNearestPaletteIndex
GetObjectW
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextAlign
GetTextColor
GetTextExtentExPointW
GetTextExtentPoint32W
GetTextExtentPointW
GetTextMetricsW
GetViewportOrgEx
GetWinMetaFileBits
GetWindowOrgEx
IntersectClipRect
LPtoDP
LineTo
MaskBlt
MoveToEx
OffsetRgn
PatBlt
Pie
PlayEnhMetaFile
PolyBezier
PolyBezierTo
Polygon
Polyline
CloseEnhMetaFile
Chord
BitBlt
GetClipRgn
UnrealizeObject
TextOutW
StretchDIBits
StretchBlt
SetWindowOrgEx
SetWinMetaFileBits
SetViewportOrgEx
SetTextColor
SetTextAlign
SetStretchBltMode
SetROP2
SetPixelV
SetPixel
SetPaletteEntries
SetMapMode
SetEnhMetaFileBits
SetDIBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
SelectObject
SelectClipRgn
SaveDC
RoundRect
RestoreDC
ResizePalette
RemoveFontResourceW
RemoveFontResourceExW
Rectangle
RectVisible
RealizePalette
Arc

advapi32

RegOpenKeyExW
RegQueryValueExW
RegOpenKeyW
RegCloseKey

Sections

.text2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03ad72b3aab35de73c34a6f9f32f8e4d

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text2 Size: 512B - Virtual size: 100B

.text Size: 196KB - Virtual size: 195KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 4KB

.pdata Size: 512B - Virtual size: 156B

.text2
Size: 512B - Virtual size: 100B

.text
Size: 196KB - Virtual size: 195KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 4KB

.pdata
Size: 512B - Virtual size: 156B