4c3743283faaad34d273a3f06a5b844fff08804182dda0cf683632db09b3badb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c3743283faaad34d273a3f06a5b844fff08804182dda0cf683632db09b3badb
Size

816KB
MD5

dad58dcabd2275fb57b335ad9efb000b
SHA1

b6f4876c227b2b44ce65155088e5e86f08b7431a
SHA256

4c3743283faaad34d273a3f06a5b844fff08804182dda0cf683632db09b3badb
SHA512

e49a0fd9c6806f12bfa0f7b3dccce2dbbd2230850c1ebdf2f35254b91aee66eeb4c70bed9d43292afe42011b60e5fe162973bb193e5410920f0d80b9d2fcbacc
SSDEEP

12288:0lPoHLVWAwh14J/Z+rW4NU0eT+54fPuhVqeI7ErdAn8nuZkALdJAke:OPmsAwh16P30eT+54OZrinSzArAk

Score

N/A

Malware Config

Signatures

Files

4c3743283faaad34d273a3f06a5b844fff08804182dda0cf683632db09b3badb
.exe windows x86

6303fb6f7355ddf989486b02ddc0c43b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
DeleteFileW
Beep
Beep
lstrlenW
Beep
Beep
ReleaseMutex
Beep
SetThreadPriority
GetModuleHandleA
TlsGetValue
Beep
Beep
VirtualQuery
GetPrivateProfileIntA
VirtualProtect
Beep
SetLocaleInfoA
Beep
WriteConsoleW
lstrcatA
FormatMessageA
GetModuleFileNameW
GetCommandLineA
Beep
GetCurrentThreadId
SetCurrentDirectoryW
GetFullPathNameW

catsrvut

RegDBBackup
StartMTSTOCOM
RegDBRestore
CGMIsAdministrator

Sections

.TEXT
Size: 15KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.vdata
Size: 797KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ