Static task
static1
Behavioral task
behavioral1
Sample
crackme.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
crackme.exe
Resource
win10v2004-20240802-en
General
-
Target
240807-y9vx2atdpr_pw_infected.zip
-
Size
30KB
-
MD5
4f62ee1a5301522eae7ec537322181db
-
SHA1
75cd093aa4594c41803c021aa4e6a111494206e4
-
SHA256
2bee7443ee09ff2796547c8f7347716e40cbd3ed6e70baab142ee3b56c4e4aed
-
SHA512
927f08d635fd0a806d1d80ea15330b2c01a870d89ceb15dc274bf70a8d0f28b3b694e5c02a958da2adc88ebc74b8780438cbc4432f05e01cdc3db8d007001b43
-
SSDEEP
768:1Q/VX+ZI8BvjTTPwU9j5pyhzZG0dd9MXJPntg:1Q/VuZJvLRj5Af9+ntg
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/crackme.exe
Files
-
240807-y9vx2atdpr_pw_infected.zip.zip
Password: infected
-
crackme.exe.exe windows:4 windows x86 arch:x86
158424a205ce8b9bdaed8353a1df1bd9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
EndDialog
SendDlgItemMessageA
SendMessageA
GetDlgItemTextA
MessageBoxA
LoadIconA
DialogBoxParamA
kernel32
lstrcpyA
lstrlenA
LockResource
SuspendThread
RtlZeroMemory
SetThreadPriority
Sleep
ResumeThread
CreateMutexA
ExitProcess
FindResourceA
GetLastError
GetModuleHandleA
GlobalAlloc
GlobalFree
LoadResource
ExitThread
SizeofResource
lstrcmpA
CloseHandle
CreateThread
winmm
waveOutReset
waveOutGetPosition
waveOutOpen
waveOutPause
waveOutPrepareHeader
waveOutClose
waveOutRestart
waveOutUnprepareHeader
waveOutWrite
Sections
.text Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ