07e3f140e3fc527f4e774fcb849e99e79175d8a4d4115ae4b1ed2a006016a9d9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07e3f140e3fc527f4e774fcb849e99e79175d8a4d4115ae4b1ed2a006016a9d9
Size

303KB
MD5

fe77e819fc771a236b61fa6c4c79a080
SHA1

2f9c1762c830d4d63a11ada3ee84ae46b7034ab8
SHA256

07e3f140e3fc527f4e774fcb849e99e79175d8a4d4115ae4b1ed2a006016a9d9
SHA512

040dce5010108e631711a504d5b70760dcd95a38de167058f4b2bff52aac47d56bf5ffd8523104b856c026d6a543c787b2d696b011a51150e5c5c311900434c0
SSDEEP

6144:4UqtgktpWhZE2L4eKbTSVw0QkTzlVlPafW6oQP8XWOIpr8rFXUcU6i1:4UqtgktyZx8nSVwMHlVNabn8GOIpgr5p

Score

N/A

Malware Config

Signatures

Files

07e3f140e3fc527f4e774fcb849e99e79175d8a4d4115ae4b1ed2a006016a9d9
.exe windows x86

2d442d4e365fa66be317f24cd88542b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
InterlockedIncrement
GetDiskFreeSpaceA
GetDiskFreeSpaceA
LoadLibraryExA
Sleep
FindResourceW
SetEnvironmentVariableW
GetPrivateProfileIntW
InterlockedDecrement
HeapCreate
Sleep
Sleep
WriteFileEx
GetLongPathNameW
GetPrivateProfileIntW
GetPrivateProfileSectionA
GetExitCodeProcess
lstrcmpiA
GetFileAttributesA
CreateDirectoryA
LoadLibraryA
WaitForSingleObject

catsrv

GetCatalogCRMClerk
OpenComponentLibraryTS
DllCanUnloadNow
CreateComponentLibraryTS

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 297KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE