e0687ac14563ee517e78d054c6bbfc60a58586b517fd0fd52b0c055eb74d4090 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e0687ac14563ee517e78d054c6bbfc60a58586b517fd0fd52b0c055eb74d4090
Size

303KB
MD5

6cdf2ab8c7eb04b9bd0f6a9895c60690
SHA1

be3c66af162f87bf2fc9478f2fedc32c80426d31
SHA256

e0687ac14563ee517e78d054c6bbfc60a58586b517fd0fd52b0c055eb74d4090
SHA512

d5669eea918797fb1e5910d654f88cbf51af35334b09c74be69f6a0971752e798a69711a024bf4e27d81d121da493a933febf95577a681a1ac6c442655195eb2
SSDEEP

6144:wl/gqtgapIdyRhJm9l0VqYY4zWGK36FExxFGH:MIqtgamdyM9AqYW2FWbI

Score

N/A

Malware Config

Signatures

Files

e0687ac14563ee517e78d054c6bbfc60a58586b517fd0fd52b0c055eb74d4090
.exe windows x86

dbad74e3e5c5760ceebf8f39b808f3ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
WaitForSingleObject
Sleep
InterlockedDecrement
Sleep
CreateDirectoryA
lstrcmpiA
GetDiskFreeSpaceA
GetDiskFreeSpaceA
FindResourceW
GetFileAttributesA
GetPrivateProfileSectionA
GetPrivateProfileIntW
WriteFileEx
lstrcmpA
GetExitCodeProcess
Sleep
SetEnvironmentVariableW
LoadLibraryExA
InterlockedIncrement
GetPrivateProfileIntW
HeapCreate
GetLongPathNameW

catsrv

CreateComponentLibraryTS
GetCatalogCRMClerk
DllCanUnloadNow
OpenComponentLibraryTS

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 297KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE