7bc6589d5c7a821d50a5b268471ded8b04954f10b4141963bb778aed199366b3

Sharing

Copy URL Twitter E-mail

General

Target

7bc6589d5c7a821d50a5b268471ded8b04954f10b4141963bb778aed199366b3
Size

109KB
MD5

200493f20d27b08783c0a0dd89315aa0
SHA1

46fe12330d15a355d77250e7c0b90d802d1447d3
SHA256

7bc6589d5c7a821d50a5b268471ded8b04954f10b4141963bb778aed199366b3
SHA512

49741bee8374a3c896fc4530f625140521acecaaf6498c52f2cc5fdf69d7d0eb5f163393a830d4bcfd9b7378cae1a1dcdd54ab215d14cc121dd5dc0e46f487ee
SSDEEP

1536:yxefFDUIYkK4cEui1gNNx0eW6QPB/4ZW1ck8zHhTduu+qjIk9WkD2oHxztP:yxeNhYZ4z1sxtbjIUWnoRzV

Score

N/A

Malware Config

Signatures

Files

7bc6589d5c7a821d50a5b268471ded8b04954f10b4141963bb778aed199366b3
.exe windows x64

8ec2f7c7273a17fd157c650d1123c9c5

Code Sign

b7:0a:24:d0:5a:c3:10:ce:f5:8a:1f:7e:88:fd:d0:70:a2:eb:75:21
Signer

Actual PE Digest

b7:0a:24:d0:5a:c3:10:ce:f5:8a:1f:7e:88:fd:d0:70:a2:eb:75:21

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

NO CERTIFICATE

01/01/0001, 00:00
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

js0group

?GetNextToken@CATToken@@QEAA?AVCATUnicodeString@@AEBV2@@Z
??0CATToken@@QEAA@AEBVCATUnicodeString@@@Z
CATGetEnv
??1CATMsgCatalog@@QEAA@XZ
??1CATString@@QEAA@XZ
?GetLengthInChar@CATUnicodeString@@QEBAHXZ
?BuildMessage@CATMsgCatalog@@SA?BVCATUnicodeString@@AEBVCATString@@0PEAV2@HAEBV2@@Z
??0CATString@@QEAA@QEBD@Z
??0CATUnicodeString@@QEAA@QEBD@Z
??0CATMsgCatalog@@QEAA@XZ
??0CATUnicodeString@@QEAA@AEBV0@@Z
??1CATToken@@UEAA@XZ
?ConvertToChar@CATUnicodeString@@QEBAPEBDXZ
CATGetTempDirectory
CATFileAccess
CATDeleteFile
??0CATUnicodeString@@QEAA@XZ
??4CATUnicodeString@@QEAAAEAV0@AEBV0@@Z
??1CATUnicodeString@@QEAA@XZ

cxinstutil

?CATInsQueryServiceBinary@@YAHPEADPEAPEADAEAVCATUnicodeString@@@Z
?CATInsStopService@@YAHPEADAEAVCATUnicodeString@@@Z
??0CATInsTaskList@@QEAA@XZ
?CATInsCheckTask@CATInsTaskList@@QEAAHPEBDPEAD@Z
?CATInsKillTask@CATInsTaskList@@QEAAXXZ
?CATInsGetListTask@CATInsTaskList@@QEAAXPEAPEAPEADPEAH@Z
??1CATInsTaskList@@QEAA@XZ
?CATInsIsRoot@@YAHXZ

msvcr90

__getmainargs
__C_specific_handler
_XcptFilter
_exit
_cexit
exit
__initenv
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
_encode_pointer
__set_app_type
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_amsg_exit
sprintf
_spawnlp
__iob_func
fprintf
fflush
strstr
free
_strdup

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ec2f7c7273a17fd157c650d1123c9c5

Code Sign

b7:0a:24:d0:5a:c3:10:ce:f5:8a:1f:7e:88:fd:d0:70:a2:eb:75:21Signer

Signature Validations

Verification

01/01/0001, 00:00 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

js0group

cxinstutil

msvcr90

kernel32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 152B

.pdata Size: 512B - Virtual size: 216B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 36B

b7:0a:24:d0:5a:c3:10:ce:f5:8a:1f:7e:88:fd:d0:70:a2:eb:75:21
Signer

01/01/0001, 00:00
Valid: false

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 152B

.pdata
Size: 512B - Virtual size: 216B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 36B