1642cf2822cbb26ca9e0fb3910c313a10bf73c9afe178a386c8a50963f67dba2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1642cf2822cbb26ca9e0fb3910c313a10bf73c9afe178a386c8a50963f67dba2
Size

123KB
MD5

33e125b53ddd64fc20701671acc833d0
SHA1

061c9064b9186fd1774afc5fb906da338bdbb473
SHA256

1642cf2822cbb26ca9e0fb3910c313a10bf73c9afe178a386c8a50963f67dba2
SHA512

2190c914d3b907ff16fadb1cf553485a264a0636d8895340a42e8849a746eb19d8592af5676d6dd350a3453e181a4c24857de1b60202816e401e2d94cbbe1010
SSDEEP

3072:kAOOskoOzNw5sfwFDtk1++pZq7Cipoqy4ZkGK:psTOzNwu4NtWq7Ciygqd

Score

N/A

Malware Config

Signatures

Files

1642cf2822cbb26ca9e0fb3910c313a10bf73c9afe178a386c8a50963f67dba2
.exe windows x86

c023a1eaaa69dfdd8630b599cf24d5df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
SetEnvironmentVariableA
CreateDirectoryA
GetLongPathNameW
WriteFileEx
Sleep
GetPrivateProfileSectionA
Sleep
GetPrivateProfileIntW
GetPrivateProfileIntW
GetExitCodeProcess
InterlockedDecrement
GetFileAttributesA
Sleep
HeapCreate
GetDiskFreeSpaceW
WaitForSingleObject
GetDiskFreeSpaceW
InterlockedIncrement
LoadLibraryExA
FindResourceW
LoadLibraryA
lstrcmpA

catsrv

CreateComponentLibraryTS
DllCanUnloadNow
OpenComponentLibraryTS
GetCatalogCRMClerk

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE