29a7b0150d7746ac7a757504ba96568a7aaabfaa515e3bf3d2dcf742ad4a74d5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29a7b0150d7746ac7a757504ba96568a7aaabfaa515e3bf3d2dcf742ad4a74d5
Size

40KB
MD5

6ed4898503f6816f07cca8b3c607eddf
SHA1

9011bbbbec0e5fc58c8bb238728376fffee37744
SHA256

29a7b0150d7746ac7a757504ba96568a7aaabfaa515e3bf3d2dcf742ad4a74d5
SHA512

ffbb062db5ff411516715cde01c314687b1003ae56341dbe7d60ff7a1369f69ca506ff0dea2e5f1fa9005ea7fd56913e2e1be395b617523cca59605cb7ba3a7f
SSDEEP

768:pDy8BwNDHimXkqH9UyMHHmCqSDWqcqoe69EzIp:qLi8dUydqcqoev8p

Score

N/A

Malware Config

Signatures

Files

29a7b0150d7746ac7a757504ba96568a7aaabfaa515e3bf3d2dcf742ad4a74d5
.exe windows x86

f587a06390744351aa80e13c21d9799d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
lstrcmpiA
SetEnvironmentVariableW
InterlockedDecrement
lstrcmpA
GetExitCodeProcess
LoadLibraryExA
GetDiskFreeSpaceA
GetDiskFreeSpaceA
GetPrivateProfileSectionA
GetFileAttributesA
WriteFileEx
WaitForSingleObject
Sleep
Sleep
Sleep
HeapCreate
CreateDirectoryA
GetPrivateProfileIntW
InterlockedIncrement
FindResourceW
GetLongPathNameW
GetPrivateProfileIntW

catsrv

CreateComponentLibraryTS
OpenComponentLibraryTS
DllCanUnloadNow
GetCatalogCRMClerk

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 297KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE