Crack_UCSCTTMDSAEAGO[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Crack_UCSCTTMDSAEAGO.exe
Size

6.7MB
MD5

50ff268cdf51c96a0e382290d3ab0924
SHA1

9b224814cc14e84d7cc6fdb4832c9e6ca6ad0b7f
SHA256

6e23925946ee2caa7a41a10d507bede6cff8d9d083df27596d34e9c2dc522315
SHA512

e526137c84ebdaa216754502111d680734e76c6ced6ff1b2aefba7908127118ab7a2f6ef4812a5b2ac2732e66f45b33f878631f29ced296a06ba2b3ff4c9bdf1
SSDEEP

49152:GJqbA7yJ5qeWNP3pLCaexhE2/QH1s6dZOZW41i9UDyVU9iY4MoVTHk3+GWOmRbW5:/mixhEflONcFUK2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Crack_UCSCTTMDSAEAGO.exe

Files

Crack_UCSCTTMDSAEAGO.exe
.exe windows:6 windows x64 arch:x64

650ab46fc59c8c6aaaf32b5753850222

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

/var/tmp/build/firefox-cc4c8eaff833/obj-mingw/browser/app/../../dist/bin/firefox.pdb

Imports

mozglue

_Z23DllBlocklist_Initializej
_ZN7mozilla12PrintfTarget6vprintEPKcPc
_ZN7mozilla12PrintfTargetC2Ev
_ZN7mozilla12baseprofiler13profiler_initEPv
_ZN7mozilla12baseprofiler14ProfilingStack18ensureCapacitySlowEv
_ZN7mozilla12baseprofiler17AutoProfilerLabel17GetProfilingStackEv
_ZN7mozilla12baseprofiler17profiler_shutdownEv
_ZN7mozilla12baseprofiler26profiler_current_thread_idEv
_ZN7mozilla12baseprofiler9AddMarkerINS0_7markers10TextMarkerEJNSt3__112basic_stringIcNS4_11char_traitsIcEENS4_9allocatorIcEEEEEEENS_23ProfileBufferBlockIndexERKNS_18ProfilerStringViewIcEERKNS_14MarkerCategoryEONS_13MarkerOptionsET_DpRKT0_
_ZN7mozilla18IsWin32kLockedDownEv
_ZN7mozilla19MapRemoteViewOfFileEPvS0_yS0_ymm
_ZN7mozilla21CleanupProcessRuntimeEv
_ZN7mozilla24WindowsDpiInitializationEv
_ZN7mozilla26PollPreXULSkeletonUIEventsEv
_ZN7mozilla30CreateAndStorePreXULSkeletonUIEP11HINSTANCE__iPPc
_ZN7mozilla5mscom6detail21EndProcessRuntimeInitEv
_ZN7mozilla5mscom6detail23BeginProcessRuntimeInitEv
_ZN7mozilla6detail9MutexImpl4lockEv
_ZN7mozilla6detail9MutexImpl6unlockEv
_ZN7mozilla6detail9MutexImplD2Ev
_ZN7mozilla9TimeStamp11NowUnfuzzedEb
_ZN7mozilla9TimeStamp3NowEb
_ZNK17double_conversion23DoubleToStringConverter20ToShortestIeeeNumberEdPNS_13StringBuilderENS0_8DtoaModeE
_aligned_free
_aligned_malloc
_strdup
_wcsdup
calloc
free
malloc
moz_xmalloc
mozalloc_abort
realloc
strdup

ntdll

NtMapViewOfSection
NtOpenFile
NtQueryInformationProcess
NtQueryVirtualMemory
NtReadVirtualMemory
NtUnmapViewOfSection
RtlAcquireSRWLockExclusive
RtlAcquireSRWLockShared
RtlAllocateHeap
RtlCaptureStackBackTrace
RtlCompareMemory
RtlCompareUnicodeString
RtlDuplicateUnicodeString
RtlEqualUnicodeString
RtlFreeHeap
RtlFreeUnicodeString
RtlGetLastWin32Error
RtlGetVersion
RtlInitUnicodeString
RtlLookupFunctionEntry
RtlNtStatusToDosError
RtlQueryPerformanceCounter
RtlReAllocateHeap
RtlReleaseSRWLockExclusive
RtlReleaseSRWLockShared
RtlRestoreContext
RtlRunOnceExecuteOnce
RtlRunOnceInitialize
RtlSetLastWin32Error
RtlUnwindEx
RtlVirtualUnwind
VerSetConditionMask
memcmp
memcpy
memmove
memset

api-ms-win-crt-convert-l1-1-0

_ltoa
_strtod_l
_strtoi64_l
_strtoui64_l
mbrtowc
mbsrtowcs
strtod
strtol
strtoul
wcrtomb
wcrtomb_s
wcstod
wcstol
wcstoul

api-ms-win-crt-environment-l1-1-0

__p__environ
__p__wenviron
_putenv
_wgetenv
getenv

api-ms-win-crt-math-l1-1-0

__setusermatherr
_fdopen

api-ms-win-crt-private-l1-1-0

__C_specific_handler
memchr
strrchr
wcschr

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
__p___wargv
__p__acmdln
__sys_nerr
_assert
_beginthreadex
_cexit
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_errno
_exit
_initialize_narrow_environment
_initialize_wide_environment
_initterm
_register_thread_local_exe_atexit_callback
_set_app_type
_set_invalid_parameter_handler
abort
exit
signal
strerror_s

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__p__commode
__p__fmode
__stdio_common_vfprintf
__stdio_common_vfwprintf
__stdio_common_vsnprintf_s
__stdio_common_vsnwprintf_s
__stdio_common_vsprintf
__stdio_common_vsscanf
__stdio_common_vswprintf
_close
_dup
_fileno
_get_osfhandle
_open
_wfopen
_write
fclose
fflush
fgets
fopen
fputc
fputs
fread
freopen
fseek
ftell
fwrite

api-ms-win-crt-string-l1-1-0

_isctype_l
_iswalpha_l
_iswcntrl_l
_iswdigit_l
_iswlower_l
_iswprint_l
_iswpunct_l
_iswspace_l
_iswupper_l
_iswxdigit_l
_strcoll_l
_stricmp
_strnicmp
_strxfrm_l
_tolower_l
_toupper_l
_towlower_l
_towupper_l
_wcscoll_l
_wcsicmp
_wcsnicmp
_wcsxfrm_l
islower
isspace
isupper
iswctype
iswspace
isxdigit
mbrlen
strcmp
strcpy
strlen
strncmp
tolower
towlower
towupper
wcscmp
wcscpy
wcscpy_s
wcslen
wcsncmp
wcspbrk
wcstok_s

api-ms-win-crt-utility-l1-1-0

rand_s

advapi32

AccessCheck
CheckTokenMembership
ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertStringSidToSidW
CopySid
CreateProcessAsUserW
CreateRestrictedToken
CreateWellKnownSid
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
DeregisterEventSource
DuplicateToken
DuplicateTokenEx
EqualSid
FreeSid
GetAce
GetKernelObjectSecurity
GetLengthSid
GetNamedSecurityInfoW
GetSecurityDescriptorSacl
GetSecurityInfo
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
ImpersonateLoggedOnUser
InitializeAcl
InitializeSecurityDescriptor
InitializeSid
IsValidSid
LookupPrivilegeValueW
MapGenericMask
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDeleteValueW
RegDisablePredefinedCache
RegGetValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegisterEventSourceW
ReportEventW
RevertToSelf
SetEntriesInAclW
SetKernelObjectSecurity
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityInfo
SetThreadToken
SetTokenInformation
SystemFunction036

shell32

CommandLineToArgvW

kernel32

AcquireSRWLockExclusive
AssignProcessToJobObject
AttachConsole
CloseHandle
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateJobObjectW
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateRemoteThread
CreateThread
CreateToolhelp32Snapshot
DebugBreak
DeleteCriticalSection
DeleteProcThreadAttributeList
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesEx
ExpandEnvironmentStringsW
FileTimeToSystemTime
FlsAlloc
FlsGetValue
FlsSetValue
FlushInstructionCache
FreeEnvironmentStringsW
FreeLibrary
GetCommandLineW
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentProcessorNumber
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesW
GetFileInformationByHandle
GetFileInformationByHandleEx
GetFileType
GetLastError
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetProcAddress
GetProcessHandleCount
GetProcessHeaps
GetProcessId
GetProductInfo
GetQueuedCompletionStatus
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadId
GetThreadPriority
GetTickCount
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultLocaleName
GetVersionExW
GetVolumePathNameW
HeapDestroy
HeapSetInformation
InitOnceExecuteOnce
InitializeCriticalSection
InitializeCriticalSectionEx
InitializeProcThreadAttributeList
IsDebuggerPresent
IsWow64Process
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LocalAlloc
LocalFree
MapViewOfFile
MultiByteToWideChar
OpenProcess
OutputDebugStringA
PostQueuedCompletionStatus
Process32FirstW
Process32NextW
ProcessIdToSessionId
QueryFullProcessImageNameW
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadCycleTime
RaiseException
ReadFile
ReadProcessMemory
RegisterWaitForSingleObject
ReleaseSRWLockExclusive
ResetEvent
ResumeThread
SearchPathW
SetDllDirectoryW
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetHandleInformation
SetInformationJobObject
SetLastError
SetStdHandle
SetThreadAffinityMask
SetThreadPriority
SetUnhandledExceptionFilter
SignalObjectAndWait
Sleep
SleepConditionVariableSRW
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateJobObject
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
TryEnterCriticalSection
TzSpecificLocalTimeToSystemTime
UnmapViewOfFile
UnregisterWait
UnregisterWaitEx
UpdateProcThreadAttribute
VerifyVersionInfoW
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteFile
WriteProcessMemory
lstrcmpiA
lstrlenW

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func
___mb_cur_max_func
__pctype_func
_configthreadlocale
_create_locale
_free_locale
localeconv
setlocale

api-ms-win-crt-time-l1-1-0

__daylight
__timezone
__tzname
_strftime_l
_tzset

api-ms-win-crt-multibyte-l1-1-0

_mbtowc_l

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Exports

Exports

GetDependentModulePaths
GetHandleVerifier
GetNtLoaderAPI
IsSandboxedProcess
NativeNtBlockSet_Write

Sections

.text
Size: 977KB - Virtual size: 976KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 137B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.freestd
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 372KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

650ab46fc59c8c6aaaf32b5753850222

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mozglue

ntdll

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

advapi32

shell32

kernel32

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-multibyte-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 977KB - Virtual size: 976KB

.rdata Size: 210KB - Virtual size: 209KB

.buildid Size: 512B - Virtual size: 137B

.data Size: 1024B - Virtual size: 17KB

.pdata Size: 31KB - Virtual size: 30KB

.freestd Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 24B

.rsrc Size: 372KB - Virtual size: 372KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 977KB - Virtual size: 976KB

.rdata
Size: 210KB - Virtual size: 209KB

.buildid
Size: 512B - Virtual size: 137B

.data
Size: 1024B - Virtual size: 17KB

.pdata
Size: 31KB - Virtual size: 30KB

.freestd
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 24B

.rsrc
Size: 372KB - Virtual size: 372KB

.reloc
Size: 7KB - Virtual size: 7KB