efd00e988751fbb413b2d39e60c725a57c9c6d569222f1cad0bf4945745ed1ad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

efd00e988751fbb413b2d39e60c725a57c9c6d569222f1cad0bf4945745ed1ad
Size

118KB
MD5

47adcf5d3e2cbb6ce19df74a3e52349e
SHA1

82dc1614f64eb66569b412d5609ef35c40779669
SHA256

efd00e988751fbb413b2d39e60c725a57c9c6d569222f1cad0bf4945745ed1ad
SHA512

22bad765796611dc9b1ba7217231b72e7ad0ad3ccd8ce3366a5becee35404e390ce926e92a18eb489e676b129c95bd2ab9a03d8ad1940a8e9b65d8f9c22ed30f
SSDEEP

3072:wZ3kS/ygxc9Da7xJ2tF0DG93HWcOQOeHf4wotT31:G3dxxc9exJkaGd1hOAoth

Score

N/A

Malware Config

Signatures

Files

efd00e988751fbb413b2d39e60c725a57c9c6d569222f1cad0bf4945745ed1ad
.exe windows x86

2171bde5a75ee0e48d938558e58e7231

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
GetExitCodeProcess
HeapCreate
GetPrivateProfileIntW
GetPrivateProfileIntW
Sleep
Sleep
Sleep
InterlockedExchange
CreateDirectoryA
GetFileAttributesA
GetDiskFreeSpaceA
SetEnvironmentVariableW
SetFilePointer
GetDiskFreeSpaceA
LoadLibraryExW
GetModuleHandleA
WaitForMultipleObjects
lstrcmpiA
GetLongPathNameW
FindResourceW
GetPrivateProfileSectionA
lstrcmpA

catsrv

OpenComponentLibraryTS
DllCanUnloadNow
CreateComponentLibraryTS
GetCatalogCRMClerk

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE