115e51a60bca63ca757fd335c5cde5dceec4871bf1994d53415320bba2444e94 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

115e51a60bca63ca757fd335c5cde5dceec4871bf1994d53415320bba2444e94
Size

307KB
MD5

3162fc721a2c2b6a5f50ca10658f5ae4
SHA1

46516397939caa1d76f42ed865cb613f96f5b4da
SHA256

115e51a60bca63ca757fd335c5cde5dceec4871bf1994d53415320bba2444e94
SHA512

c89f4a0859fd1d1ca8a6e3300c956017f799e98d844bcaa9609029d15d283595261a2f81457bd32a9ac9bc4c31c921cc4ab1f09e4d92ab5ac7e7d368f811729b
SSDEEP

6144:mhntQtWJsn6ud1H737CEnfmF+BhxIisuK8KkUhkQ/lVpc56Ad:yaWJWd1T7CEnuF+BhxIl81cVpc5Jd

Score

N/A

Malware Config

Signatures

Files

115e51a60bca63ca757fd335c5cde5dceec4871bf1994d53415320bba2444e94
.exe windows x86

45192453e1256a16d57cbfa846bcd24e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
Sleep
CreateEventA
InterlockedExchange
GetFileAttributesA
WaitForMultipleObjects
SetFilePointer
lstrcmpA
GetDiskFreeSpaceA
HeapCreate
GetExitCodeProcess
GetPrivateProfileIntW
CreateDirectoryA
GetPrivateProfileIntW
SetEnvironmentVariableW
GetPriorityClass
GetPrivateProfileSectionA
lstrcmpiA
LoadLibraryA
GetDiskFreeSpaceA
OpenMutexA
LoadLibraryExW
Sleep

catsrv

GetCatalogCRMClerk
OpenComponentLibraryTS
CreateComponentLibraryTS
DllCanUnloadNow

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdata
Size: 300KB - Virtual size: 300KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE