8292f87224f0759d52cce5759476e7721c0a558d7cca9c4185f3e33136427231

Sharing

Copy URL Twitter E-mail

General

Target

8292f87224f0759d52cce5759476e7721c0a558d7cca9c4185f3e33136427231
Size

241KB
MD5

84c7df72e5895f711a2c26a41949e130
SHA1

9d50aa60f6d5d7f9d69179ee8499a942065d6d06
SHA256

8292f87224f0759d52cce5759476e7721c0a558d7cca9c4185f3e33136427231
SHA512

96c30a8595905e6794b15bfc4326f1905dc6cb639fc255b587acfb7c5eb3550ef020321dd0f385cc01f0bc834217ad46acb926d155eb71969505a00073d233b2
SSDEEP

6144:3z4+i7r64FkKpY4XK4PpTU9seSpCcq8Of8M1LRC:E64dprXK41kSpCf1LQ

Score

N/A

Malware Config

Signatures

Files

8292f87224f0759d52cce5759476e7721c0a558d7cca9c4185f3e33136427231
.exe windows x86

d6689fa6070f4fc980873f8114e16771

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

catsrvut

DllUnregisterServer
RegDBRestore
??1CComPlusInterface@@UAE@XZ
??4CComPlusComponent@@QAEAAV0@ABV0@@Z
??_7CComPlusMethod@@6B@
?GetITypeLib@CComPlusTypelib@@QAEPAUITypeLib@@XZ
StartMTSTOCOM
??1CComPlusComponent@@UAE@XZ
QueryUserDllW
??4CComPlusInterface@@QAEAAV0@ABV0@@Z
??4CComPlusTypelib@@QAEAAV0@ABV0@@Z
RegDBBackup
??0CComPlusInterface@@QAE@ABV0@@Z
RunMTSToCom
??0CComPlusComponent@@QAE@ABV0@@Z
SysprepComplus2
DllGetClassObject
DllCanUnloadNow
FindAssemblyModulesW
??4CComPlusMethod@@QAEAAV0@ABV0@@Z
??_7CComPlusComponent@@6B@
CGMIsAdministrator

kernel32

TransmitCommChar
DuplicateConsoleHandle
BuildCommDCBAndTimeoutsA
SetHandleContext
SetConsoleKeyShortcuts
RegisterWaitForSingleObject
GetTickCount
GetCurrencyFormatW
LoadLibraryW
InitializeCriticalSection
GetDefaultCommConfigA
GetUserDefaultLCID
GlobalFlags
BaseFlushAppcompatCache
SetThreadPriority

imagehlp

SymGetSearchPath
SymGetLinePrev
BindImage
SymGetTypeFromName
SymGetModuleBase64
TouchFileTimes
SymSetSearchPath
MapFileAndCheckSumA
EnumerateLoadedModules64
ImageRvaToVa
SymEnumerateSymbolsW64
RemovePrivateCvSymbolic
ReBaseImage64
ImagehlpApiVersion
SymGetLineFromName64
ImageDirectoryEntryToData
SymLoadModule64
SetImageConfigInformation

netapi32

DsValidateSubnetNameA
NetLocalGroupAdd
NetpAllocFtinfoEntry
NetReplImportDirLock
NetpwNameCanonicalize
NetValidateName
NetReplImportDirGetInfo
I_NetDfsIsThisADomainName
DsAddressToSiteNamesW
NetWkstaTransportEnum
NetpGetFileSecurity
I_NetDatabaseSync2
NetServerTransportAdd
NetLocalGroupEnum
NlBindingSetAuthInfo
NetServerTransportDel
NetUserModalsSet
I_BrowserQueryOtherDomains
DsRoleDcAsReplica
NetShareSetInfo
NetpGetConfigDword
DsGetDcOpenW
NetMessageNameEnum
NetSessionDel
DsAddressToSiteNamesExA
Netbios
DsValidateSubnetNameW
NetReplSetInfo
NetUserEnum
DsMergeForestTrustInformationW
RxNetAccessSetInfo
NetGroupDel
NetQueryDisplayInformation
I_NetAccountDeltas
NetConfigSet
NetGroupSetInfo
NetErrorLogRead
NetLocalGroupAddMembers
DsGetDcSiteCoverageA

mspatcha

ApplyPatchToFileExW
ApplyPatchToFileExA
ApplyPatchToFileByHandles
TestApplyPatchToFileA
TestApplyPatchToFileByHandles
GetFilePatchSignatureByHandle
TestApplyPatchToFileW
ApplyPatchToFileByHandlesEx
ApplyPatchToFileA
GetFilePatchSignatureA
ApplyPatchToFileW

icmp

IcmpParseReplies
IcmpCreateFile
IcmpCloseHandle
IcmpSendEcho2
do_echo_req
register_icmp
IcmpSendEcho
do_echo_rep

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6689fa6070f4fc980873f8114e16771

Headers

File Characteristics

Imports

catsrvut

kernel32

imagehlp

netapi32

mspatcha

icmp

Sections

.text Size: 54KB - Virtual size: 54KB

.rdata Size: 128KB - Virtual size: 127KB

.data Size: 50KB - Virtual size: 50KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 54KB - Virtual size: 54KB

.rdata
Size: 128KB - Virtual size: 127KB

.data
Size: 50KB - Virtual size: 50KB

.rsrc
Size: 6KB - Virtual size: 5KB