26d7b3f9b038e713f7efb7fffad434fffae9229c5d3aec02201a781dffaf320e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26d7b3f9b038e713f7efb7fffad434fffae9229c5d3aec02201a781dffaf320e
Size

304KB
MD5

b010e2b4a0f9d19643d7aff7b1a5069b
SHA1

d950f0a19f51d6fb253a8e032361f977fec8c07b
SHA256

26d7b3f9b038e713f7efb7fffad434fffae9229c5d3aec02201a781dffaf320e
SHA512

b99c768ee417f0ba349d637323048646c912f67d1e36824e614da402e7e9d6099da1b873776d4166001eb6c7534efcfdb905e3068c2f265a84fa523b9d93bb87
SSDEEP

6144:dhKqtgDD0E21tsom/yHHx8m6x2dUoEVt9TMHjv+Mit:vKqtgDiD98d2Bjit

Score

N/A

Malware Config

Signatures

Files

26d7b3f9b038e713f7efb7fffad434fffae9229c5d3aec02201a781dffaf320e
.exe windows x86

a3cffc0520b6c7c9ae9f0ba381719800

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntW
HeapCreate
InterlockedExchange
WriteFileEx
GetDiskFreeSpaceA
WaitForSingleObject
LoadLibraryExA
GetModuleHandleA
Sleep
Sleep
GetFileAttributesA
CreateDirectoryA
GetExitCodeProcess
GetDiskFreeSpaceA
GetPrivateProfileSectionA
GetPrivateProfileIntW
SetEnvironmentVariableW
FindResourceW
lstrcmpiA
lstrcmpA
GetLongPathNameW
InterlockedIncrement
Sleep

catsrv

CreateComponentLibraryTS
OpenComponentLibraryTS
GetCatalogCRMClerk
DllCanUnloadNow

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 297KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE