79522b90027eafad851dd9c1b0d2e0a3a48c5d5dd6e7ae1eb1a2d0ca90436edf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

79522b90027eafad851dd9c1b0d2e0a3a48c5d5dd6e7ae1eb1a2d0ca90436edf
Size

416KB
MD5

061252b21a87f648a44ede01194c2da0
SHA1

dc4c8ce3f38aa95a5a724b7aa47b73b49a875a43
SHA256

79522b90027eafad851dd9c1b0d2e0a3a48c5d5dd6e7ae1eb1a2d0ca90436edf
SHA512

b889ec6eb0fa591ec220adb676464856b41fee7a935fb8991a3bac1966cf1d1cbcb4e9b39c972ca0635e72622980e82ef9aead62030dfb1b518c3f6134f14c3e
SSDEEP

12288:HFivNiMDpExIpGrQnVxBoSh6DR0APt+Y:HFiFiBumIVxBoSMqgtl

Score

N/A

Malware Config

Signatures

Files

79522b90027eafad851dd9c1b0d2e0a3a48c5d5dd6e7ae1eb1a2d0ca90436edf
.exe windows x86

36fa6b72403326078b0589d513fd9da0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
LoadLibraryA
Sleep
WaitForSingleObject
WriteFileEx
GetPrivateProfileSectionA
CreateDirectoryA
GetExitCodeProcess
GetPrivateProfileIntW
FindResourceW
Sleep
InterlockedIncrement
GetFileAttributesA
GetDiskFreeSpaceW
lstrcmpiA
GetLongPathNameW
SetEnvironmentVariableA
GetPrivateProfileIntW
InterlockedDecrement
lstrcmpA
Sleep
HeapCreate
GetDiskFreeSpaceW

catsrv

GetCatalogCRMClerk
DllCanUnloadNow
CreateComponentLibraryTS
OpenComponentLibraryTS

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 410KB - Virtual size: 988KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE