General
-
Target
CryptOne_Exec_bafd67655881338781812220378d512f026eeaa1362a73317c501585b037cee8.bin
-
Size
849KB
-
MD5
925c2c293756905cfbbcd7dcabe2e422
-
SHA1
565ed5eea7f747a05265b06fae49d5e3de9235c8
-
SHA256
c08e9b44352d823f8a127918f362bd87863daa6f8efddd744da433679e0f4748
-
SHA512
01c99d16304a9f62014814c4e0beb4fb6553f5d052ef2e521063f015ae274da8b789b4323dae6037644cb298e410fa1a30f9c993c7d6d52401ad09102e566e38
-
SSDEEP
24576:Oj1mUhVzjbzQsimZZBohglclfpKr20leNttt:OpmojBZZBxuVz0sbtt
Malware Config
Extracted
vidar
47.8
869
https://mas.to/@romashkin
-
profile_id
869
Signatures
Files
-
CryptOne_Exec_bafd67655881338781812220378d512f026eeaa1362a73317c501585b037cee8.bin.exe windows x86
3fea40ded92aafea7f0a1fde4b96095c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAlloc
VirtualAllocExNuma
GetCurrentProcess
LocalAlloc
LocalFree
HeapAlloc
GetProcessHeap
HeapFree
lstrcatA
CreateDirectoryA
FindClose
FindNextFileW
DeleteFileW
lstrcmpW
FindFirstFileW
lstrcatW
lstrcpyW
FindNextFileA
CopyFileA
FindFirstFileA
GetDriveTypeA
GetLogicalDriveStringsA
DeleteFileA
GetCurrentProcessId
SetCurrentDirectoryA
CopyFileW
CloseHandle
WriteFile
CreateFileA
MultiByteToWideChar
ReadFile
GetFileSize
GetVersionExA
GetFileSizeEx
GetCurrentDirectoryA
Process32Next
Process32First
CreateToolhelp32Snapshot
TerminateProcess
OpenProcess
GetProcAddress
LoadLibraryA
FreeLibrary
GetFileAttributesA
GetPrivateProfileSectionNamesA
FileTimeToSystemTime
InterlockedCompareExchange
OutputDebugStringW
OutputDebugStringA
WaitForSingleObjectEx
WaitForSingleObject
UnmapViewOfFile
UnlockFileEx
UnlockFile
SystemTimeToFileTime
SetFilePointer
SetEndOfFile
QueryPerformanceCounter
MapViewOfFile
LockFileEx
LockFile
LoadLibraryW
HeapCompact
HeapValidate
VirtualFree
HeapReAlloc
HeapDestroy
HeapCreate
GetVersionExW
GetTickCount
GetTempPathW
GetTempPathA
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetLastError
GetFullPathNameW
GetFullPathNameA
GetFileAttributesExW
GetFileAttributesW
GetDiskFreeSpaceW
GetDiskFreeSpaceA
FormatMessageW
FormatMessageA
FlushFileBuffers
CreateMutexW
CreateFileMappingW
CreateFileMappingA
CreateFileW
AreFileApisANSI
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
TryEnterCriticalSection
GetCurrentThreadId
GetComputerNameA
IsWow64Process
GlobalMemoryStatus
GetModuleHandleA
GetUserDefaultLocaleName
TzSpecificLocalTimeToSystemTime
GetTimeZoneInformation
GetLocaleInfoA
GetFileInformationByHandle
GetLocalTime
CompareStringW
SetStdHandle
WideCharToMultiByte
Sleep
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
GetStringTypeW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetConsoleMode
GetConsoleCP
SetEnvironmentVariableA
SetEnvironmentVariableW
GetModuleFileNameW
IsValidCodePage
GetOEMCP
GetACP
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
HeapSize
ExitProcess
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
EncodePointer
DecodePointer
RaiseException
RtlUnwind
ExitThread
CreateThread
GetCommandLineA
HeapSetInformation
GetStartupInfoW
LCMapStringW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleHandleW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
WriteConsoleW
user32
GetDesktopWindow
advapi32
GetUserNameA
shell32
SHFileOperationA
ShellExecuteA
SHGetFolderPathA
shlwapi
PathMatchSpecA
PathMatchSpecW
ord155
gdiplus
GdipCloneImage
GdiplusStartup
GdiplusShutdown
GdipFree
GdipAlloc
GdipDisposeImage
GdipSaveImageToFile
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize
GdipGetImageEncoders
Sections
.text Size: 738KB - Virtual size: 737KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 99KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE