45212695682dc62978c7a14462d6d14af2909219786c66a8149296350d4dfcc4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

45212695682dc62978c7a14462d6d14af2909219786c66a8149296350d4dfcc4
Size

817KB
MD5

e18d472b28817fecf9cfaea465cbf4d1
SHA1

a965ee2a0babc1c352f4c8079920eaeb54eff667
SHA256

45212695682dc62978c7a14462d6d14af2909219786c66a8149296350d4dfcc4
SHA512

3cf04df759ad8aec2cf9cf074f69be7258e60d18a91a85db149e890e3f4608ff274d8418e42b36fd8a3b5267b3ee7f4bae386eb02f2f91a739265c24bb6dcd62
SSDEEP

24576:LN1AB6MuFqsU2b2JzGLaBGIHIzqpldH91bP5gOW:LXA8jU2b2t1BGIXH95PHW

Score

N/A

Malware Config

Signatures

Files

45212695682dc62978c7a14462d6d14af2909219786c66a8149296350d4dfcc4
.exe windows x86

3b1c35e4a84bcca294f115fc9d823332

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Beep
GetCurrentThreadId
Beep
Beep
GetFullPathNameW
lstrcatA
WriteConsoleW
VirtualProtect
FormatMessageA
Beep
Beep
GetFileSize
Beep
GetPrivateProfileIntA
SetLocaleInfoW
Beep
GetCommandLineA
VirtualQuery
TlsSetValue
SetThreadPriority
DeleteFileW
SetCurrentDirectoryW
Beep
Beep
TlsGetValue
lstrcmpA
GetModuleHandleA
OpenMutexA
Beep

catsrvut

CGMIsAdministrator
RegDBRestore
StartMTSTOCOM
RegDBBackup

Sections

.TEXT
Size: 15KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ndata
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.vdata
Size: 797KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE