f13faa3f9665bd07e7e42619161346bba82fd11cab71317dc4fd41f8c8f61db0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f13faa3f9665bd07e7e42619161346bba82fd11cab71317dc4fd41f8c8f61db0
Size

816KB
MD5

e6be90593b5f4b4804439580bb3a6195
SHA1

f069c35c8bdeb408a9eef58eca37d8fb7766dadb
SHA256

f13faa3f9665bd07e7e42619161346bba82fd11cab71317dc4fd41f8c8f61db0
SHA512

6d59bade4e303eda7dd28af948a74d96876f71a771d5c19e3cadaa3689659f9b369f0103f1f4f8912c3c79ab304d231c60b189c7c769d8a3ba001536282be243
SSDEEP

24576:B8FN/RcIY5LxZuPKaUvOketavLWD43Vp6AHHNAM97bAsV:yFbJY5LxZuPTZYzfTpHH+K4s

Score

N/A

Malware Config

Signatures

Files

f13faa3f9665bd07e7e42619161346bba82fd11cab71317dc4fd41f8c8f61db0
.exe windows x86

b58cd21b18dd8d1429b7bdf26e3f3ae4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntA
Beep
VirtualProtect
ReleaseMutex
Beep
WriteConsoleW
Beep
TlsGetValue
lstrcatA
GetFullPathNameW
SetCurrentDirectoryW
GetModuleHandleA
Beep
Beep
DeleteFileW
GetModuleFileNameW
lstrlenW
Beep
SetLocaleInfoA
Beep
VirtualQuery
FormatMessageA
GetCurrentThreadId
Beep
SetThreadPriority
GetCommandLineA
Beep
Beep
TlsSetValue

catsrvut

RegDBBackup
RegDBRestore
StartMTSTOCOM
CGMIsAdministrator

Sections

.TEXT
Size: 15KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ndata
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.vdata
Size: 797KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ