8a379ed70d4d083e8e1803a9e1015edf7dce12df7ca03c02c7f655eb26ca0f5f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a379ed70d4d083e8e1803a9e1015edf7dce12df7ca03c02c7f655eb26ca0f5f
Size

60KB
MD5

3c776cad2fa51622d235e79454410650
SHA1

d75e6f1ad8e01a6490ce16c5c06282b7ee6a9814
SHA256

8a379ed70d4d083e8e1803a9e1015edf7dce12df7ca03c02c7f655eb26ca0f5f
SHA512

d300b098ca56cea80ac69916703e8972df11097cc096215d808e7b805c18db27b53debcd2fbdd25b3bcbccab3b96950de30e8368c9ef2a770f5119594d42b071
SSDEEP

768:5sIuXQvgENdpFmTVU2onQmZJC3GjgCVWSXY2p/H+rISLKjJZHo98TlZ:GcjFmTVUxw3GjgooVKjHH08T

Score

N/A

Malware Config

Signatures

Files

8a379ed70d4d083e8e1803a9e1015edf7dce12df7ca03c02c7f655eb26ca0f5f
.exe windows x86

9e3cc2007dffab874dd2f342a3911e46

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
Sleep
GetDiskFreeSpaceA
Sleep
WaitForMultipleObjects
Sleep
CreateDirectoryA
SetFilePointer
CreateEventA
GetModuleHandleA
InterlockedExchange
SetEnvironmentVariableW
GetExitCodeProcess
lstrcmpiA
LoadLibraryExW
InterlockedIncrement
GetDiskFreeSpaceA
GetPrivateProfileSectionA
GetPrivateProfileIntW
GetFileAttributesA
GetPrivateProfileIntW
OpenMutexA
lstrcmpA

catsrv

OpenComponentLibraryTS
CreateComponentLibraryTS
GetCatalogCRMClerk
DllCanUnloadNow

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tdata
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE