General

  • Target

    crowntool.exe

  • Size

    11.0MB

  • Sample

    241119-xgtzlazeme

  • MD5

    372cbb8e491626eba8c68150895aea5a

  • SHA1

    b2b614750d223399f09635e533e0670371b8287a

  • SHA256

    55c6356977959b504ed469f82a47e519ce9183fa369703cc5c694313955701ba

  • SHA512

    e950dbaaacd16458e970b51129232bc595c6c971c2b4a246dce190b3d2f10671b9e7a2b1b90e37b041bf2ed3e0fd9ce6c6d5262baf03d8c4884bd47f19b495a6

  • SSDEEP

    196608:x2kwZVjZL2Vmd6+Dx2UajEwQ8jV6FOF4VRwaWc/f/+ScEVR1UJFMQKn1Q2:ZYZL2Vmd6mx2pjhV6q+CBc/eWR1UJF2m

Score
7/10

Targets

    • Target

      crowntool.exe

    Score
    7/10
    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger
