e49dd0ba46edeb945c64f7edd1fde4b1767dfdc22eabe1f364584952cc601f0c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e49dd0ba46edeb945c64f7edd1fde4b1767dfdc22eabe1f364584952cc601f0c
Size

121KB
MD5

38cd6e904352378f92a38240b997bf20
SHA1

09944004412554082275a9692a455b7f993ca32b
SHA256

e49dd0ba46edeb945c64f7edd1fde4b1767dfdc22eabe1f364584952cc601f0c
SHA512

3e4ba8ee9beef2d17db4633978834ce1d9cf103f5dbd6ab0c724ec93777186376106f29c0a4f324057339f24571fda7344060420f3f25bd2022b7d29ca8173a3
SSDEEP

3072:xbT3kbnHFz3hGtLzgo+mFa1NFMMOPqhpFW:ZAbhR2J+kMNFWPqhpFW

Score

N/A

Malware Config

Signatures

Files

e49dd0ba46edeb945c64f7edd1fde4b1767dfdc22eabe1f364584952cc601f0c
.exe windows x86

3e0ffd71e189926cd77c6fc91a28fabe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
GetLongPathNameW
WriteFileEx
lstrcmpA
GetDiskFreeSpaceW
WaitForSingleObject
InterlockedDecrement
Sleep
GetPrivateProfileIntW
CreateDirectoryA
LoadLibraryExA
InterlockedIncrement
GetDiskFreeSpaceW
Sleep
SetEnvironmentVariableA
LoadLibraryA
Sleep
GetPrivateProfileIntW
lstrcmpiA
GetExitCodeProcess
FindResourceW
GetFileAttributesA
GetPrivateProfileSectionA

catsrv

DllCanUnloadNow
CreateComponentLibraryTS
OpenComponentLibraryTS
GetCatalogCRMClerk

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE