F��.�� ���N&���X^��D�?yGZ�H`,�#l�������F����yR���Z���"�T�(�$��k��9����O��g��a�>��vt8�w���'��;� ӔA���@F���U�|)7�d�J�CL�-s{���co�`��Eg$�lP��f�X0�_6yw�K�����܆?2�(��vֆnS��n���u;���`ͫ��mo�~����kGv��J�N�ȶ��=�y<T� ��5�J��u:6ܫ� �����mxZ�K�������q�*�XV��>�����D����"�i��� `������w�v X�O��g5:ޗ����L�3sP�E�[�;���8 1s��VY��ԋ3�����N[���JW|�(��E����Y�Hޢ(��v�q�B8E�l�[�:r��щ�i��1@�D��sWP��[�` _IbdK��1e�eC�n�]���������T�A����|#�Κ�6Ȣ�7��qvrE�/hi�$6��ڦ2�C'��:���D��O�JaX<y�XcN�o �;c���W���q$)IRu@<���y|�q�&���x�����)��)����+�G�<�~�*�u��2t�SLH�p�k�j�+�&N����mk�b��Tp��a�&M����6�sF�ɘ5��W�7}vx����uN;����y/��/m!�]��^��L�t��+D������L��1,�s��^��F���IO�to��]��H��Ѹ�[�ZO"�ȩ�l������LG�������+4���y@��6�y�ܷD�E�a������C �Pٰ%���.qy��l�`;t���{�)G�F�6q�Be�=�R�$X)ą V�1�ΐ�����Zs� WnӹMhX�56�P]���hD�D�G�Ꮉm��RX1ET�W˳��;&����V5������B8�_X7j���ζ�Զ`1�㵹� ����C�߯�7zQ5��k]"��1b���,�K?������> ��8�.&9�iX#Q�(������>䗳��i���w@z�S�eW��"L�jg�uw=t1�������H����.�-cQ�Y7ы�cL��h?��^,��5�e�ĕxІ���� -o��D�hM!_��N�ֵ�f!)�����Y���)�3��%A��9E����M���j��mUp�&�@�z���#kwFm��r��Ku��>3�O������) �����%���6���Pv�k�pN�g�l̩��m=A�u��ڂ����Uص������~�uN�ݍ�C��8��Ă ߳0q�� nip��y�@ھE�9�]kO����.��[�e�k���q3�B���Pܕ�o2i����V��O���UnHF���㘟K�)��z��F�+�хb�ޚ�g;�oA/<�L({e�R(���KdF��@m��l�Y������6�b��v(5��B�v�<��W�U ����w�jV����v}����DXA���[�:��a*���K��(V+Z�y��&*L\�)���ICr=��2��o�����n�?�a��J��%�lh��a��i)!cg<z#w�!sc�nmm���@Ѻc��E���q�����{F�XX��m�d�U�9�lZ��a%AB`�(�3�9�� ����NMc���R�IY�v��z��M>ÌNR���A�@���Y��5%��_8J#�:jr\L�)�oL�G�����������bj�o�t��C|V������\�)4g�]�R�?�&������f�L�u�Nh�|p�6�z����k^���?�i�6���/��N�鬊;ؓn��W��$��a."� ӮDX:"�"m�n�;; �]`�y8��F���7|������W���0��x�3�p�>����{��-VcQ�s \ ,��Y$ll�#�l����cA>�E'3&5�ޚ0����P�OU������T���ex!�����qP���Y8��0@��+o�x�X��r���@ȅV��{z5r���2�R/��h��YmT x��Id�4Dz:[��[:�˅Y���(���/DT�`QS ���[�FEQ���S����6jE����C��ޛӘ�\I���/��ڎv��o�GVFR˻+?��̰z1����iP���P�O_����JǝLj�'BV����Ψ��m��\4�?R�po��ݼ@������jG����<<o"H�������Vz�2,���rƶUD �VO6�&�(�q��{ڧ���6�hwx�t�:���b"L��Z$LsI.���LQ�z�.@F���;��Q�%�TS�$��G(@��|k�]p�I� ����3X�7��y���7˪�C��x��+�0 |�� �_�.9��_�1��D`߲?V3^�?�õ��ܕ������'"dt7v��谎W pq��=���f �U� �2������IeWR)\3�L��s�X)���y+F��'N��f��/ҒX9sa��f���/a��@�3]���Fk&s�_��%����q�����ۛƾ��L��jd���9zS1R��#4�$�'@K8��2�y6M� L3�b�=�;^��V�^�?��kF8Ϛ����y�s�ϣS���{��(ZK�d��R�l���l�H���0y�kB�;���R�(�u�J���# �����ޥ��"Q����?~�Tgh���+0ߐ�?�뒷�+o��+) ��Y�3�8�1׆��w���m0_�|�9�V��C�5��jb�����ȏ�[[�_������ ɪ{��as)ӅZc��g0q{�mM�|c�}×����%��܃�W:���TF����n�����~1V�A�]E��su���� x��ߕ�c��?)��*$6�,y|���ʫ��� :�m��VT��y&�����y��H�1�s%Gx�/!�UI��;�oQ:mffߔ���mI�� #�PL�0����#�c�����TOvl�y=�ȆژI�f"���v=�_F����n�ҹ�?7*�s�o��N�L��j� �ͅ�����8Q<S�@<)���I2蒀�\�ӆl)+>��s��|+����FQz�����jz�f�
Static task
static1
Behavioral task
behavioral1
Sample
CrackLauncher.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
CrackLauncher.exe
Resource
win10v2004-20240704-en
General
-
Target
CrackLauncher.exe
-
Size
5.5MB
-
MD5
52aaa8c3fd6b813b713ae05ab9e4829c
-
SHA1
d4ac8addbe5e15e867afe58f4bbb8319395ad38e
-
SHA256
0c30d4cb510304d4ce140952f8ce316056cc4bc552cef78a81fd5301aecc1fd2
-
SHA512
c39bba95a8554f1115d0362bad33901fd87e00d5de7671cd48d7b537c97889882b9009a83948087cf8516a32588e4ef831531977740b17a2791cec927934fdd8
-
SSDEEP
98304:SJuJhPWclzxum6p/GuTIZULvC6LcbE6HGek94x1RK22cJfcdnidC7GpWhGrj6j:QuaAxSTZLvD6/x1R92cJUMo7xS6
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource CrackLauncher.exe
Files
-
CrackLauncher.exe.exe windows:6 windows x64 arch:x64
8f88dd8fc38a4ed5c63bb42c6465dd20
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
SetConsoleTitleA
GetVersion
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress
shell32
ShellExecuteA
msvcp140
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
vcruntime140_1
__CxxFrameHandler4
vcruntime140
__C_specific_handler
api-ms-win-crt-stdio-l1-1-0
fgetpos
api-ms-win-crt-runtime-l1-1-0
__p___argv
api-ms-win-crt-filesystem-l1-1-0
_lock_file
api-ms-win-crt-heap-l1-1-0
free
api-ms-win-crt-math-l1-1-0
__setusermatherr
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
user32
CharUpperBuffW
Exports
Exports
Sections
.text Size: - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.'|? Size: - Virtual size: 3.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.h>& Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.SnO Size: 5.5MB - Virtual size: 5.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 469B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ