crunch_win[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

crunch_win.exe
Size

55KB
MD5

1b382ebece34de39f611011348d75899
SHA1

a7155808bc2eb4ab27b4a29f61e5eacc448bbbcf
SHA256

1df5f3339b1008c62db01334ac4d8b3c6d5b50dc7c35e62f9b6e3fb5d00ff892
SHA512

5d18cba5e28925aa5905c5611eb551fca7e67ee3b7a3c777615e0fe935c6d5b4d800f2c6350dcd57e23b37e2e2dcc79161aec48740090f9d8d0dfd4480a14bf3
SSDEEP

1536:mKqzYYxWhmCG+DoF08Xb39YB7E3lUtiMCWjxJq55s7rUPtQwjwJmWk/siQCNeI:mSmCc0K2RE3GtiMCWjxJq55s7IPtQwjR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
crunch_win.exe

Files

crunch_win.exe
.exe windows x86

b582215a8893b5c4313b8816dd0d1e93

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
ExitProcess
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

_execlp
__getmainargs
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_beginthread
_cexit
_endthread
_errno
_iob
_onexit
_setmode
abort
atexit
atoi
calloc
exit
fclose
fgets
fopen
fprintf
fputc
fputs
free
fseek
fwrite
malloc
mbstowcs
memcpy
pow
qsort
remove
rename
setlocale
signal
strcat
strchr
strcmp
strerror
strncat
strncmp
strncpy
strrchr
strstr
strtok
strtoul
tolower
toupper
vfprintf
wcschr
wcscmp
wcslen
wcsncat
wcsncmp
wcstombs
wctomb

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 760B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b582215a8893b5c4313b8816dd0d1e93

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 42KB - Virtual size: 42KB

.data Size: 512B - Virtual size: 16B

.rdata Size: 7KB - Virtual size: 6KB

.eh_fram Size: 1024B - Virtual size: 928B

.bss Size: - Virtual size: 760B

.idata Size: 2KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.text
Size: 42KB - Virtual size: 42KB

.data
Size: 512B - Virtual size: 16B

.rdata
Size: 7KB - Virtual size: 6KB

.eh_fram
Size: 1024B - Virtual size: 928B

.bss
Size: - Virtual size: 760B

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B