88c599e87c78aba10d310ca13928697f2c2bad662177ebd44ed8920484c0df2f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

88c599e87c78aba10d310ca13928697f2c2bad662177ebd44ed8920484c0df2f
Size

416KB
MD5

2f36c977d0f2bb08e035b874be5b33f0
SHA1

dfed1880d808b7bbe999e405ff98594e20781429
SHA256

88c599e87c78aba10d310ca13928697f2c2bad662177ebd44ed8920484c0df2f
SHA512

16b6a2ec9bf924f03ecbf4bbfda5d1868e78ee67289784b20bb4c848d27b8bdd8d13aa6866ffa857a6c208182600b58010f1d99eafdf9f680a809522e8ea5beb
SSDEEP

6144:Ntq9OCvAI0Y/qMjUlofaeExV3a+e5qb8wAp5Ey+W0HXQGkJrx0Ph4orLCR5yMkI2:fivNiMDpExIpGrQnVxBoSh6DR0APt+Y

Score

N/A

Malware Config

Signatures

Files

88c599e87c78aba10d310ca13928697f2c2bad662177ebd44ed8920484c0df2f
.exe windows x86

3eb1471d5896b5e9676927b0aec57351

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
InterlockedIncrement
lstrcmpA
GetExitCodeProcess
SetEnvironmentVariableA
Sleep
GetFileAttributesA
GetDiskFreeSpaceW
LoadLibraryA
GetDiskFreeSpaceW
WaitForSingleObject
GetPrivateProfileIntW
WriteFileEx
lstrcmpiA
Sleep
CreateDirectoryA
GetPrivateProfileIntW
GetLongPathNameW
FindResourceW
GetPrivateProfileSectionA
Sleep
LoadLibraryExA
InterlockedDecrement

catsrv

GetCatalogCRMClerk
DllCanUnloadNow
CreateComponentLibraryTS
OpenComponentLibraryTS

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 410KB - Virtual size: 988KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE