d6efc223158bbbf1f13e97728b1f4d9cc3475dfafcf9f8bb9b63406e73ebe05b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6efc223158bbbf1f13e97728b1f4d9cc3475dfafcf9f8bb9b63406e73ebe05b
Size

303KB
MD5

22c319ec990e0e3792cdb7e0dbadc8c0
SHA1

2934984db955e5b58358491fe57b6588e3a6fc62
SHA256

d6efc223158bbbf1f13e97728b1f4d9cc3475dfafcf9f8bb9b63406e73ebe05b
SHA512

52d017b88db083419e94570d8ab404b44168758871fc5bf9a4b7c7640835f0252974d3cb3faae7b313afd4ab9d44484cc43cdb593094559c6bbb4d22f032c3d8
SSDEEP

6144:5wqtgKDJancBdyCXSrmSZ9lm6VF9uYwOO1RegsHo2PCjcN0eMy:5wqtgKDJScHHXimSXg6VFVwAI2PocN0

Score

N/A

Malware Config

Signatures

Files

d6efc223158bbbf1f13e97728b1f4d9cc3475dfafcf9f8bb9b63406e73ebe05b
.exe windows x86

0497d8c1529ff27bb2f928eff252e761

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLongPathNameW
lstrcmpA
LoadLibraryA
GetPrivateProfileIntW
GetFileAttributesA
GetPrivateProfileIntW
LoadLibraryExA
InterlockedDecrement
WaitForSingleObject
Sleep
Sleep
CreateDirectoryA
HeapCreate
SetEnvironmentVariableA
InterlockedIncrement
GetDiskFreeSpaceW
GetPrivateProfileSectionA
lstrcmpiA
Sleep
FindResourceW
WriteFileEx
GetDiskFreeSpaceW
GetExitCodeProcess

catsrv

DllCanUnloadNow
GetCatalogCRMClerk
CreateComponentLibraryTS
OpenComponentLibraryTS

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 297KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE