5ebc86dfd33113515265ee7d6bc2943535ac880a5b9c80c4178b6065959021a2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ebc86dfd33113515265ee7d6bc2943535ac880a5b9c80c4178b6065959021a2
Size

816KB
MD5

212f3ea82b47b835d3279cba782ec944
SHA1

3432601cfd202b99a34630a1aa73b07d1541a968
SHA256

5ebc86dfd33113515265ee7d6bc2943535ac880a5b9c80c4178b6065959021a2
SHA512

8c421c5173c36985f6efafa8ec85809c4f32513963c707476a439c97a9bb8c7738372191aeb197d15361c1cd3a185366fc3575979469a6b18d1dcef3fe94d0c4
SSDEEP

12288:n6SPxV3rPy0xfviR389OnIjZACoOOJDn6Fag0LIYjRZA0ofCJ2roiJC18zJObiL:ntvrP9SwXdOJJV/YzqJKE

Score

N/A

Malware Config

Signatures

Files

5ebc86dfd33113515265ee7d6bc2943535ac880a5b9c80c4178b6065959021a2
.exe windows x86

1b9689852f8221049e318835c55a13ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
FormatMessageA
lstrlenW
Beep
Beep
GetCurrentThreadId
GetModuleHandleA
GetPrivateProfileIntA
SetThreadPriority
Beep
VirtualProtect
GetCommandLineA
Beep
Beep
Beep
VirtualQuery
Beep
GetFullPathNameW
WriteConsoleW
TlsSetValue
DeleteFileW
lstrcatA
ReleaseMutex
Beep
SetLocaleInfoA
SetCurrentDirectoryW
Beep
TlsGetValue
Beep

catsrvut

RegDBBackup
CGMIsAdministrator
StartMTSTOCOM
RegDBRestore

Sections

.TEXT
Size: 15KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.vdata
Size: 797KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ