c8b1e4e844ded28011e88b7f2307c2b28688df8ba8a72384e4864a27ea8948b8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8b1e4e844ded28011e88b7f2307c2b28688df8ba8a72384e4864a27ea8948b8
Size

303KB
MD5

349c874c218309985f512a5c63c050b1
SHA1

2cde1c0c2dd0dbe33ec59c2be9dda3261cf454ef
SHA256

c8b1e4e844ded28011e88b7f2307c2b28688df8ba8a72384e4864a27ea8948b8
SHA512

41432189fcebe168965ac6a848dc965375a2fb394ee821c50124a3b5088efe7bda9aa43c0751abe9590ebd09c35f83c867adcde042a9e5063bef6c8e0e2e971b
SSDEEP

6144:2qtgLmu3VNMLohsJ3nVzSfFK4WioGHxrMPIkqVPRvAz9ENhgBoN1GblcT3:2qtgLmuFqLuY3nFwLRoG1MPITP4ZE773

Score

N/A

Malware Config

Signatures

Files

c8b1e4e844ded28011e88b7f2307c2b28688df8ba8a72384e4864a27ea8948b8
.exe windows x86

884f59ad7ad19b4a2d79555c11f50f17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeProcess
HeapCreate
lstrcmpiA
WaitForSingleObject
InterlockedIncrement
GetDiskFreeSpaceA
GetDiskFreeSpaceA
GetPrivateProfileIntW
CreateDirectoryA
GetLongPathNameW
WriteFileEx
lstrcmpA
GetFileAttributesA
GetPrivateProfileSectionA
FindResourceW
Sleep
InterlockedDecrement
GetPrivateProfileIntW
LoadLibraryA
Sleep
SetEnvironmentVariableW
Sleep
LoadLibraryExA

catsrv

OpenComponentLibraryTS
DllCanUnloadNow
GetCatalogCRMClerk
CreateComponentLibraryTS

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 297KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE