Unconfirmed 729535[.]crdownload

Sharing

Copy URL Twitter E-mail

General

Target

Unconfirmed 729535.crdownload
Size

3.4MB
MD5

f6e8df2feb833810bee4b8bea95decbd
SHA1

f0d496b2513de1be143281b49a9de01dec4e4a3e
SHA256

c30f5512a464d8e458a058efc3389ac790dc11d7c767b7eedc121b4b9e143cce
SHA512

723151f447cca31e982752d9fb5fac174d426d1ace4470b86781d9e30dceadb65f6aa56da08d5c50889dba8c67f8a3b93568bd23ee46752bcc31ea288abf1afe
SSDEEP

49152:8Ku0cJClvQt8LH5Qli2VevA4zAYN7WSTAncJlXB3oDL4sC18d/qbm8HNvx2rnCqI:hXvJ8dKFds4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Unconfirmed 729535.crdownload

Files

Unconfirmed 729535.crdownload
.exe windows:6 windows x64 arch:x64

7fd0ab45a045fe71ef5aeeb4dc276fe2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Bamboo\home\xml-data\build-dir\CST-COL-LCW\bin\x64\Release\bitdefenderci.pdb

Imports

advapi32

FreeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetEntriesInAclW
AllocateAndInitializeSid
RegOpenKeyExW
RegCloseKey
RegQueryInfoKeyW
RegEnumKeyExW
RegEnumValueW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
CryptImportKey
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
CryptGenKey
CryptExportKey
CryptEncrypt
CryptDecrypt

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

ole32

CoCreateInstance
CoUninitialize
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx

oleaut32

SysAllocString
SysFreeString
VariantInit
VariantClear

iphlpapi

NotifyAddrChange
CancelIPChangeNotify
GetAdaptersAddresses
GetExtendedUdpTable
GetExtendedTcpTable

ws2_32

WSAStartup
WSACreateEvent
WSACleanup
WSASocketW
WSACloseEvent
htons
bind
WSARecv
inet_ntop
ntohs
WSAGetLastError
closesocket

crypt32

CryptImportPublicKeyInfo
CryptDecodeObjectEx
CryptStringToBinaryA

kernel32

FreeEnvironmentStringsW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetProcessHeap
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
IsValidCodePage
GetEnvironmentStringsW
GetOEMCP
EnumSystemLocalesW
GetACP
ExitProcess
WriteFile
HeapFree
ExitThread
HeapReAlloc
HeapAlloc
SetStdHandle
ReadConsoleW
HeapSize
GetTimeZoneInformation
MultiByteToWideChar
FormatMessageW
GetLastError
WideCharToMultiByte
LoadLibraryW
GetProcAddress
FreeLibrary
GetModuleFileNameA
GetLocalTime
GetTickCount
CloseHandle
UnmapViewOfFile
MapViewOfFile
LocalFree
CreateFileMappingA
LocalAlloc
SetFileAttributesA
CreateDirectoryA
GetCurrentProcessId
FileTimeToSystemTime
GetCurrentProcess
GetProcessTimes
ExpandEnvironmentStringsA
OutputDebugStringA
GetCurrentThreadId
DeviceIoControl
CreateFileW
OutputDebugStringW
GetFileSize
ReadFile
DeleteFileW
GetModuleFileNameW
OpenProcess
K32GetProcessImageFileNameW
ExpandEnvironmentStringsW
FindFirstFileW
FindNextFileW
FindClose
GetLocaleInfoW
GlobalMemoryStatusEx
CreateIoCompletionPort
SetLastError
GetQueuedCompletionStatus
GetOverlappedResult
PostQueuedCompletionStatus
QueryPerformanceCounter
QueryPerformanceFrequency
GetModuleHandleW
FindResourceW
LoadResource
SizeofResource
LockResource
VerSetConditionMask
VerifyVersionInfoW
OpenEventW
SetEvent
WaitForSingleObject
CreateEventW
CreateProcessW
CreateDirectoryW
FindFirstFileExW
GetFileAttributesExW
SetEndOfFile
SetFilePointerEx
AreFileApisANSI
GetStringTypeW
DuplicateHandle
WaitForSingleObjectEx
Sleep
GetCurrentThread
GetExitCodeThread
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
GetCPInfo
CompareStringW
LCMapStringW
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
ReleaseSemaphore
InitializeCriticalSection
CreateSemaphoreA
CreateEventA
CreateTimerQueue
SignalObjectAndWait
SwitchToThread
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
GetModuleHandleA
LoadLibraryExW
GetVersionExW
VirtualAlloc
VirtualFree
VirtualProtect
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
RtlPcToFileHeader
RaiseException
RtlUnwindEx
GetStdHandle
GetFileType
GetModuleHandleExW
WriteConsoleW
GetCommandLineA
GetCommandLineW
SetEnvironmentVariableA

Sections

.text
Size: 778KB - Virtual size: 778KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 797KB - Virtual size: 796KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 322KB - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fd0ab45a045fe71ef5aeeb4dc276fe2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

version

ole32

oleaut32

iphlpapi

ws2_32

crypt32

kernel32

Sections

.text Size: 778KB - Virtual size: 778KB

.rdata Size: 797KB - Virtual size: 796KB

.data Size: 322KB - Virtual size: 331KB

.pdata Size: 40KB - Virtual size: 39KB

.gfids Size: 4KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 83KB - Virtual size: 83KB

.text
Size: 778KB - Virtual size: 778KB

.rdata
Size: 797KB - Virtual size: 796KB

.data
Size: 322KB - Virtual size: 331KB

.pdata
Size: 40KB - Virtual size: 39KB

.gfids
Size: 4KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 83KB - Virtual size: 83KB