7346b2df13ed7166124c7693fe2b7708b3e3f71abc9e9e5a52e980b65400bd46

Sharing

Copy URL Twitter E-mail

General

Target

7346b2df13ed7166124c7693fe2b7708b3e3f71abc9e9e5a52e980b65400bd46
Size

99KB
MD5

67b8d12f2f3d7f9aaa8016ca3f30d2f0
SHA1

b34762f2a2acfbc29d4490ec531835867e4f590f
SHA256

7346b2df13ed7166124c7693fe2b7708b3e3f71abc9e9e5a52e980b65400bd46
SHA512

31f3bc9174c46e9afc782f1ba175bbb40058cd09cdb82c4bb8da65b4672ff682c3f9dce856fc4fbb4e4199e259174216e1f71912abb5196e24206a001c2569dc
SSDEEP

1536:zyvCLBoJ4KTOGHcKhgnPZcHHTuipl/oUY3Fw:m3JpOYenPZcn3lgUY

Score

N/A

Malware Config

Signatures

Files

7346b2df13ed7166124c7693fe2b7708b3e3f71abc9e9e5a52e980b65400bd46
.exe windows x86

6e9c7ef37152dd05e8fad689500b6966

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

wftocacd

?GetGALevel@CATINSToc@@QAEPADXZ

js0group

?BuildFromNum@CATUnicodeString@@QAEHHPBD@Z
?Append@CATUnicodeString@@QAEAAV1@ABV1@@Z
??0CATUnicodeString@@QAE@ABV0@@Z
CATGetEnv
CATFileAccess
??0CATMsgCatalog@@QAE@XZ
??0CATUnicodeString@@QAE@XZ
??1CATUnicodeString@@QAE@XZ
??4CATUnicodeString@@QAEAAV0@PBD@Z
??0CATUnicodeString@@QAE@QBD@Z
??0CATString@@QAE@QBD@Z
?BuildMessage@CATMsgCatalog@@SA?BVCATUnicodeString@@ABVCATString@@0PAV2@HABV2@@Z
??4CATUnicodeString@@QAEAAV0@ABV0@@Z
??1CATString@@QAE@XZ
??1CATMsgCatalog@@QAE@XZ
?ConvertToChar@CATUnicodeString@@QBEPBDXZ

cxinstutil

?WriteLogFile@CATInstallLog@@QAEXAAVCATUnicodeString@@@Z
?WriteLogFile@CATInstallLog@@QAEXPBD@Z
?CATInsCheckSyntaxDir@@YAHPBDAAVCATUnicodeString@@@Z
?CATInsCheckEmptyDir@@YAHPBD0PAVCATUnicodeString@@@Z
?CATInsCreateDirectory@@YAHPAD@Z
?CATInsCommande@@YAHPADPAVCATUnicodeString@@@Z
?CATInsDeleteDir@@YAHPBDH@Z
?CATInsComputeAvailSpace@@YAHPBDPAIPAVCATUnicodeString@@@Z
?SatComputeRequired@@YAIPBDAAVCATUnicodeString@@@Z
?CATInsTransferCAF@@YAHPBD000HAAVCATUnicodeString@@H@Z
?SatUpdateService@@YAHAAVCATUnicodeString@@@Z
GetDefaultUnloadDir
??0CATInstallLog@@QAE@PAD@Z
?OpenLogFile@CATInstallLog@@QAEHPBDHAAVCATUnicodeString@@@Z
?CATInsIsRoot@@YAHAAVCATUnicodeString@@@Z
?CATInsCheckMediaSAT@@YAHPADAAVCATUnicodeString@@@Z
?InitMediaToc@@YAHPADAAPAVCATINSMediaToc@@AAVCATUnicodeString@@@Z
?GetLogFileName@CATInstallLog@@QAEPADXZ
?CloseLogFile@CATInstallLog@@QAEXPBD@Z

msvcr80

_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
exit
__initenv
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler4_common
?terminate@@YAXXZ
_invoke_watson
_controlfp_s
_crt_debugger_hook
strncmp
_errno
strerror
free
_strdup
__iob_func
fprintf
fflush
??3@YAXPAX@Z
_callnewh
malloc
sprintf
getenv

kernel32

IsDebuggerPresent
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
UnhandledExceptionFilter
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

cvolr
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 77KB - Virtual size: 77KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6e9c7ef37152dd05e8fad689500b6966

Headers

File Characteristics

Imports

wftocacd

js0group

cxinstutil

msvcr80

kernel32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

cvolr Size: 4KB - Virtual size: 4KB

Size: 77KB - Virtual size: 77KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB

cvolr
Size: 4KB - Virtual size: 4KB