4085cc9e2d20fe4646028cde28f73addc83138e6dca5803e6e4ad5b8fec477cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4085cc9e2d20fe4646028cde28f73addc83138e6dca5803e6e4ad5b8fec477cb
Size

815KB
MD5

20548f9fdcbb925fe23af4b7a3736bd0
SHA1

751db7caf7165c693f38eee9e342687f498667ed
SHA256

4085cc9e2d20fe4646028cde28f73addc83138e6dca5803e6e4ad5b8fec477cb
SHA512

cf4c4dfdf512b70664bf11c5e9fbf1b5587ced001fb7a149253dc28139d380ab1fe29e4dbaa2b41912a260996267d4190ce914ca650aa444b9fa8dfd41b61e2f
SSDEEP

24576:VbR1daohad/vgfJT1rfP5XbaSc+iduvZy5H:VbR1+X+x5ZPv

Score

N/A

Malware Config

Signatures

Files

4085cc9e2d20fe4646028cde28f73addc83138e6dca5803e6e4ad5b8fec477cb
.exe windows x86

6fdbf77e2ec3d48a395c7199bae3ba9e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameW
LeaveCriticalSection
LeaveCriticalSection
GetPrivateProfileIntW
GetCurrentProcess
RemoveDirectoryA
InterlockedExchange
ReadConsoleW
GetFileType
VirtualAlloc
FindFirstVolumeW
GetModuleHandleA
FormatMessageA
lstrcatA
GetStringTypeA
SetCurrentDirectoryA
GetDiskFreeSpaceA
SetEnvironmentVariableW
GetFullPathNameW

catsrvut

StartMTSTOCOM
CGMIsAdministrator
RegDBRestore
RegDBBackup

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ADATA
Size: 802KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ