fa690b2b77714de2ef498e0400b2ff6eda6cf5b3500a04477dccd9fb027eb6c7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa690b2b77714de2ef498e0400b2ff6eda6cf5b3500a04477dccd9fb027eb6c7
Size

300KB
MD5

f418939a1910b2a13a3e5c1f4afe41a7
SHA1

25d8f53ca5c297024c7e6c66404ab3927013b446
SHA256

fa690b2b77714de2ef498e0400b2ff6eda6cf5b3500a04477dccd9fb027eb6c7
SHA512

5277ff4fb88c08310841b8eab6b4f2a347a0475cd302ab2b3a8f3d4011fd6ce6fb7d9d7715215bc65e7b9b3ae0d2301f47ff45134cc7f766ca38006f4b6cb678
SSDEEP

6144:LstIKCWX8opKGVl+G5L+jylvLd4DIws7ZehxD9ZAEYT1kd:L2IHMzphlsylR4ulWgn1

Score

N/A

Malware Config

Signatures

Files

fa690b2b77714de2ef498e0400b2ff6eda6cf5b3500a04477dccd9fb027eb6c7
.exe windows x86

654081499d76a6133ef403958a26c285

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntW
Sleep
CreateDirectoryA
GetModuleHandleA
InterlockedIncrement
HeapCreate
GetDiskFreeSpaceA
WaitForMultipleObjects
GetFileAttributesA
GetPrivateProfileIntW
FindResourceW
lstrcmpA
SetEnvironmentVariableW
GetDiskFreeSpaceA
LoadLibraryExW
GetLongPathNameW
InterlockedExchange
Sleep
GetExitCodeProcess
Sleep
GetPrivateProfileSectionA
lstrcmpiA
SetFilePointer

catsrv

GetCatalogCRMClerk
DllCanUnloadNow
OpenComponentLibraryTS
CreateComponentLibraryTS

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 293KB - Virtual size: 293KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE