General

  • Target

    Crusher.zip

  • Size

    20.8MB

  • MD5

    05c3c22bcf1e3132fa613060371f14aa

  • SHA1

    812828415b9b83f4f24584dc19aa44c78394e459

  • SHA256

    a799783600bfc7c93074b7eace12f1ba2aed930e2beb67388e5b2158fe0b5ef6

  • SHA512

    b6f8004ef7800f4fb847bc5f1dfa4cef2df9039d3644c429499e1dacaef6a278cd78fc4ae6df613bfe64852977412cafd607c79c9306e369f8e9e79c5aa325c3

  • SSDEEP

    393216:zun/86YQXECB1405XVMPxzNc8+M8FOKfefC1Cpjg5gkWk4tuJ:i/86YFO1b5XVMjLh8FP2p0nituJ

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • Crusher.zip
    .zip
  • Crusher.bat
  • freddurstpayload.bat
    .bat .vbs
  • input.jpg
    .jpg
  • laugh.mp3
  • laughpayload.bat
  • lol.vbs
  • nircmd.exe
    .exe windows:4 windows x86 arch:x86


  • out.upx
    .exe windows:4 windows x86 arch:x86


  • windowpayload.bat