646ad41271356c780fbfc3a87c990b67f6cf17bcbc36370224f3927b85c3ce3d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

646ad41271356c780fbfc3a87c990b67f6cf17bcbc36370224f3927b85c3ce3d
Size

815KB
MD5

400ec040dddeed42d2f4d35bcff34186
SHA1

bbb664cd2742a67c49a91a636d55655db82f6f1f
SHA256

646ad41271356c780fbfc3a87c990b67f6cf17bcbc36370224f3927b85c3ce3d
SHA512

a519a2f4d02952f916f3189a39fd2e5b1eee404db2725b364e1c04c08848b3bd8af8f03a93da98ad32deac373f523e006fcac7d704b570e0560cc548ed11a6cb
SSDEEP

12288:zuljehwda1bgUakZaZ8FZNaiJ7rcPJC/3VrbfYtzqRAv1lifGCr1Qf+/0zLMXW:Geuda1QZ8nuJwbfYBjvbcGCr1QJzk

Score

N/A

Malware Config

Signatures

Files

646ad41271356c780fbfc3a87c990b67f6cf17bcbc36370224f3927b85c3ce3d
.exe windows x86

ca3d89945ed0fe4d83e448da9b8f8ff9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
GetModuleHandleA
GetStringTypeA
VirtualAlloc
SetEnvironmentVariableW
GetComputerNameW
lstrcatA
ReadConsoleW
GetFileType
SetCurrentDirectoryA
InterlockedExchange
GetCurrentProcess
GetDiskFreeSpaceA
GetPrivateProfileIntW
FindFirstVolumeW
GetFullPathNameW
FormatMessageA
LeaveCriticalSection
RemoveDirectoryA

catsrv

GetCatalogCRMClerk
CreateComponentLibraryTS
OpenComponentLibraryTS
DllGetClassObject

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TEXT
Size: 803KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ