6520f0bb61bdf1c7ea631c8cf69287361ac56b879409dc240901899d6fd11120 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6520f0bb61bdf1c7ea631c8cf69287361ac56b879409dc240901899d6fd11120
Size

307KB
MD5

1facefbbfbf7ca9a3fb16b06741dea80
SHA1

11135094d9441d2a04e587a52f81a6ee319a7d4f
SHA256

6520f0bb61bdf1c7ea631c8cf69287361ac56b879409dc240901899d6fd11120
SHA512

f9d7b00882a29aeb936e581a0e2c1962f0dc127a1c41902c468ea07922f27aa7d7e2bbdd50f3d5cbcadd5e900ff2dea8b52074d4eacd90982e3ecbf38c81c430
SSDEEP

6144:TNtHWjTRGfOs826KPJu5/kZ3i7pLvbK0go6Q0pm9F0m:nHWjTe6leJm/kc7Bbaot0gb5

Score

N/A

Malware Config

Signatures

Files

6520f0bb61bdf1c7ea631c8cf69287361ac56b879409dc240901899d6fd11120
.exe windows x86

09a6c4ea79e930118d957a0bcc1c0f17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
GetExitCodeProcess
OpenMutexA
GetDiskFreeSpaceA
GetDiskFreeSpaceA
WaitForMultipleObjects
lstrcmpA
LoadLibraryA
GetPrivateProfileIntW
GetPrivateProfileSectionA
Sleep
GetFileAttributesA
GetPrivateProfileIntW
LoadLibraryExW
Sleep
Sleep
CreateEventA
SetEnvironmentVariableW
HeapCreate
GetPriorityClass
SetFilePointer
lstrcmpiA
InterlockedExchange

catsrv

CreateComponentLibraryTS
GetCatalogCRMClerk
OpenComponentLibraryTS
DllCanUnloadNow

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdata
Size: 300KB - Virtual size: 300KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE