Static task
static1
General
Target
Sin confirmar 605329.crdownload
Size
6.3MB
MD5
551bc3cc4c3aea7e88b24e3f55caa27d
SHA1
27350b213461e79f7d800f2a0d4a07489195ddca
SHA256
3f2e2b1bc1b06b7053e06cdea5dc511b7e90e32b661849f0114f9f09cf114c7b
SHA512
8be8c12334f5bb52e6c186bfc729a532ba1233b655c795eb78df5f7231baea44f0a6c7544157cb37474713c13144f30f7f37ba98ad6c1c2dbc5ba85ad811c6c5
SSDEEP
98304:qIW02lqngV40C8ECsLsZ+DL+kEaIIX5IwkK6/GdLc6g4bN2lbH0XHG:qf1V40C8E1g0+kEalI46e24baH2m
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Sin confirmar 605329.crdownload
Files
Sin confirmar 605329.crdownload.exe windows x86
d619eda1a774da262071361b928bb2e4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
lstrcpyA
lstrcatA
lstrlenA
GetSystemDirectoryA
GetProcAddress
GetModuleHandleA
_lclose
GetModuleFileNameA
_lread
_llseek
_lopen
_lwrite
_lcreat
CreateDirectoryA
SetCurrentDirectoryA
GetDiskFreeSpaceA
GetFileAttributesA
CompareStringA
DeleteFileA
GetTempPathA
GetCurrentDirectoryA
CloseHandle
GetExitCodeProcess
GetLastError
LocalFree
GetCurrentProcess
MoveFileExA
GetStringTypeW
MultiByteToWideChar
LCMapStringW
HeapReAlloc
RtlUnwind
HeapSize
Sleep
RemoveDirectoryA
FreeLibrary
IsValidCodePage
GetOEMCP
GetModuleHandleW
ExitProcess
DecodePointer
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
LoadLibraryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
WriteFile
GetStdHandle
GetModuleFileNameW
IsProcessorFeaturePresent
HeapCreate
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
user32
TranslateMessage
DispatchMessageA
PeekMessageA
wsprintfA
LoadCursorA
SetCursor
MessageBoxA
MsgWaitForMultipleObjects
advapi32
GetTokenInformation
OpenProcessToken
shell32
ShellExecuteExA
Sections
.text Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 119KB - Virtual size: 119KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ