b41a4ec211cc95f2559affce05291160a611b0b868b43bd4ff339995a1eb6595 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b41a4ec211cc95f2559affce05291160a611b0b868b43bd4ff339995a1eb6595
Size

816KB
MD5

33be669bb7c38339db51d60b99c60e07
SHA1

d0f3ee66b2681b9df22392a3f434405455a15f2d
SHA256

b41a4ec211cc95f2559affce05291160a611b0b868b43bd4ff339995a1eb6595
SHA512

b41e9ab61ee1aaef69fb42e747515b7a4028a69ca01abb4999810fc596c8286536bedf77ef9fbb0baa1b73172120694d4758d992f1d752f47ba839786b35238a
SSDEEP

24576:07JsGjD+dOWvkyTit3eGXXtmD1Y/o4V7Vm:m25VuBX0c9V

Score

N/A

Malware Config

Signatures

Files

b41a4ec211cc95f2559affce05291160a611b0b868b43bd4ff339995a1eb6595
.exe windows x86

8c2bb01fe7c4e4c45f8c38db549dc89c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Beep
Beep
Beep
TlsGetValue
Beep
Beep
GetModuleHandleA
Beep
TlsSetValue
GetPrivateProfileIntA
lstrcatA
GetCommandLineA
VirtualQuery
DeleteFileW
lstrlenW
SetCurrentDirectoryW
GetModuleFileNameW
GetFullPathNameW
Beep
Beep
Beep
WriteConsoleW
FormatMessageA
SetLocaleInfoA
ReleaseMutex
Beep
VirtualProtect
SetThreadPriority
GetCurrentThreadId

catsrvut

CGMIsAdministrator
RegDBRestore
RegDBBackup
StartMTSTOCOM

Sections

.text
Size: 15KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.vdata
Size: 797KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ