efe4446b70be337b5adb7fd7cf9451dea357426c255c44d76c5c002aec35ad43 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

efe4446b70be337b5adb7fd7cf9451dea357426c255c44d76c5c002aec35ad43
Size

303KB
MD5

ae562e9599bb553c6e207d762945df9b
SHA1

b47870cea07aa564786d2acad80e337c087d1c21
SHA256

efe4446b70be337b5adb7fd7cf9451dea357426c255c44d76c5c002aec35ad43
SHA512

e34a36113e028a2919095fb6970da73bbfc2375ffcc4cbc5f31a402acbc261c348b0eaae8461238a5763fb19856c4b719fcd6ae9dd916f93f9342e544da369e1
SSDEEP

6144:dqtg623MHld1X1KICS1d9Rmr3nKA9OMQBazEVuZ5Cc0e6TVsq:dqtg623Ald91d9m3nn9OVazEAZ5Cc36

Score

N/A

Malware Config

Signatures

Files

efe4446b70be337b5adb7fd7cf9451dea357426c255c44d76c5c002aec35ad43
.exe windows x86

c92005f823a61f629af281a5531290fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
InterlockedDecrement
GetDiskFreeSpaceA
Sleep
lstrcmpA
SetEnvironmentVariableW
GetPrivateProfileSectionA
GetPrivateProfileIntW
LoadLibraryA
GetFileAttributesA
Sleep
GetPrivateProfileIntW
FindResourceW
GetLongPathNameW
GetDiskFreeSpaceA
lstrcmpiA
HeapCreate
WriteFileEx
GetExitCodeProcess
InterlockedIncrement
CreateDirectoryA
Sleep
LoadLibraryExA

catsrv

GetCatalogCRMClerk
OpenComponentLibraryTS
CreateComponentLibraryTS
DllCanUnloadNow

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 297KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE