03aed64c1ae126bad433a0758f8c2b36f5081dc76426929c7145f5203199a756 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03aed64c1ae126bad433a0758f8c2b36f5081dc76426929c7145f5203199a756
Size

25KB
MD5

5700d0027d9defdd860a38121ccb9060
SHA1

e9efb355a2e2e612a4947d6bc526322f3f997778
SHA256

03aed64c1ae126bad433a0758f8c2b36f5081dc76426929c7145f5203199a756
SHA512

dc6d7192b4f1d1412b5bf3378ab593a3a855fcb350ca98ab9f585c0a3609cac2e1d8861f90b8005fa371835cf136e748cceceec32e09488c5a2af5a44178f340
SSDEEP

384:wAM6Y8yiYJcwwhH3zVGud+tTcQ6uk+FShhT19Uk:wAM6Y7JJ6D70Dgbx9Uk

Score

N/A

Malware Config

Signatures

Files

03aed64c1ae126bad433a0758f8c2b36f5081dc76426929c7145f5203199a756
.exe windows x86

16e94f53ad58f3013134d643ff1b5b22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
InterlockedDecrement
LoadLibraryA
FindResourceW
Sleep
GetLongPathNameW
Sleep
GetPrivateProfileIntW
WriteFileEx
SetEnvironmentVariableW
Sleep
HeapCreate
CreateDirectoryA
LoadLibraryExA
GetFileAttributesA
lstrcmpiA
GetDiskFreeSpaceA
GetDiskFreeSpaceA
GetExitCodeProcess
GetPrivateProfileIntW
InterlockedIncrement
lstrcmpA
GetPrivateProfileSectionA

catsrv

OpenComponentLibraryTS
CreateComponentLibraryTS
GetCatalogCRMClerk
DllCanUnloadNow

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 297KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE