9e2a46d2ce18b940c1f8e024d8324b858e2bacabf71ecae667ab4cd61b0f013c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9e2a46d2ce18b940c1f8e024d8324b858e2bacabf71ecae667ab4cd61b0f013c
Size

303KB
MD5

90b8ca7797296a4751611fa293cb547c
SHA1

8525a1faab335d5d3b742cb3a20f0040aa8777d5
SHA256

9e2a46d2ce18b940c1f8e024d8324b858e2bacabf71ecae667ab4cd61b0f013c
SHA512

b979e59a9a52943d90a44e17fda230a835aae5176383102d9265c522e2b4c75af8286391c76a449ad1796317d5081aa5c7b0edb60c45ac4a7b76b023d30abec8
SSDEEP

6144:dVgqtgoc4edrMBIdANu73FeeJnEItiYYqZRd43Pb6TSCys/wV:4qtgoc4ZBImEjhnNtiqdidCBo

Score

N/A

Malware Config

Signatures

Files

9e2a46d2ce18b940c1f8e024d8324b858e2bacabf71ecae667ab4cd61b0f013c
.exe windows x86

f9f10c10285338fa861d1c6743b1a6f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileSectionA
GetFileAttributesA
CreateDirectoryA
WriteFileEx
GetDiskFreeSpaceA
LoadLibraryExA
FindResourceW
SetEnvironmentVariableW
Sleep
InterlockedDecrement
GetPrivateProfileIntW
Sleep
lstrcmpiA
LoadLibraryA
GetLongPathNameW
GetPrivateProfileIntW
HeapCreate
GetDiskFreeSpaceA
WaitForSingleObject
lstrcmpA
InterlockedIncrement
GetExitCodeProcess
Sleep

catsrv

DllCanUnloadNow
OpenComponentLibraryTS
GetCatalogCRMClerk
CreateComponentLibraryTS

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 297KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE