5aa57859cf2c6d1ef653d15d40dc79340917266e695507bc029133648b77bb5a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5aa57859cf2c6d1ef653d15d40dc79340917266e695507bc029133648b77bb5a
Size

816KB
MD5

d645cb5dbd37d22c530d91b260002b2d
SHA1

679f5da52fb9ef6e948b5c9e3db1f021ace5481c
SHA256

5aa57859cf2c6d1ef653d15d40dc79340917266e695507bc029133648b77bb5a
SHA512

51f1a021bc1ee5ece15ff6a2b071b1b460e7de30122706695be0b60a0909bf09cda294839f3b4d203f7f0f7fce55d9062d7dab4db44bdb84ae791339599b6c81
SSDEEP

24576:lrz/9VTfteURPaoZbm7TVxV2YS08FrkELlGV4E/:lPFVTF3RrYfV2jVlLlg4E/

Score

N/A

Malware Config

Signatures

Files

5aa57859cf2c6d1ef653d15d40dc79340917266e695507bc029133648b77bb5a
.exe windows x86

d4a2142b0ef9b5b428e914cd020c6c20

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Beep
WriteConsoleW
SetLocaleInfoW
Beep
GetModuleHandleA
Beep
lstrcmpA
FormatMessageA
TlsGetValue
Beep
DeleteFileW
SetThreadPriority
OpenMutexA
VirtualProtect
ReleaseMutex
SetCurrentDirectoryW
GetCommandLineA
Beep
Beep
Beep
GetFullPathNameW
GetCurrentThreadId
Beep
GetPrivateProfileIntA
TlsSetValue
Beep
Beep
lstrcatA
VirtualQuery

catsrvut

RegDBBackup
CGMIsAdministrator
StartMTSTOCOM
RegDBRestore

Sections

.TEXT
Size: 15KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ndata
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.vdata
Size: 797KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE