643f8fb433c88ab7ba23ecfa82d923058f12aff5b7097ddf9111a12b902adcec | Triage

Sharing

Copy URL Twitter E-mail

General

Target

643f8fb433c88ab7ba23ecfa82d923058f12aff5b7097ddf9111a12b902adcec
Size

307KB
MD5

67c4f1c8cd5ecd26a0a24d50de5002b6
SHA1

47688d2dfbd70161e98d18945c91588e2796e132
SHA256

643f8fb433c88ab7ba23ecfa82d923058f12aff5b7097ddf9111a12b902adcec
SHA512

639d539ee43e0a8306abb4cb78e19c1b4527687e28c66b380894ba1b88cd2e4996a6b7addc1a7101780db819ae367a9a5ba62bc05ef79bc85b13ada51faad312
SSDEEP

6144:t8bkXc93kUKfGunidqoUvLhtKv8CJ1uvvB:Rc9ENo8UuB

Score

N/A

Malware Config

Signatures

Files

643f8fb433c88ab7ba23ecfa82d923058f12aff5b7097ddf9111a12b902adcec
.exe windows x86

77bf28cc6cf4d20cac1cdf4be4f10a40

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetPrivateProfileIntW
CreateDirectoryW
Sleep
HeapCreate
OpenMutexA
GetPriorityClass
GetPrivateProfileIntW
lstrcmpA
GetDiskFreeSpaceA
Sleep
SetEnvironmentVariableW
InterlockedExchange
GetExitCodeProcess
Sleep
lstrcmpiA
GetPrivateProfileSectionA
CreateEventA
WaitForMultipleObjects
LoadLibraryExW
GetFileAttributesA
GetDiskFreeSpaceA
SetFilePointer

catsrv

OpenComponentLibraryTS
DllCanUnloadNow
CreateComponentLibraryTS
GetCatalogCRMClerk

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdata
Size: 300KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE