Regshot-x64-Unicode[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Regshot-x64-Unicode.exe
Size

133KB
MD5

c48a906a47d7e66366435b6d9d3d0be1
SHA1

a9ead0de5d5648695932f2f415b82076d16189b7
SHA256

299702f56210ab1860ad4b6ad7611e22abcb048114a52f15a04c896bd33cd2d9
SHA512

944a32204577f447dd8d21e4b3e444c3500ba45e326ee5249caa7be97faa1f585a79fb3204acf6e168d91bec7e91f40da3612f310faa2512b1c3fc81a9808c76
SSDEEP

3072:ao9jbiWCo52DOI3Jnr0Nd07GbYmdCsXmfwNTfuocbtmm2S5TovFAX:NMYdkstmkTdm2vFA

Score

1^/10

Malware Config

Signatures

Files

Regshot-x64-Unicode.exe
.exe windows x64

71e8ee39f2e6df1556c761163a4876e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

FindClose
FindNextFileW
GetFileTime
CloseHandle
GetFileInformationByHandle
GetPrivateProfileSectionNamesW
GetPrivateProfileStringW
GetPrivateProfileSectionW
SystemTimeToFileTime
CompareFileTime
GetComputerNameW
WideCharToMultiByte
ReadFile
GetLastError
GetSystemTime
WritePrivateProfileStringW
GetPrivateProfileIntW
GetProcessHeap
GetTempPathW
GetCurrentDirectoryW
GetWindowsDirectoryW
FlushFileBuffers
CreateFileA
MultiByteToWideChar
HeapSize
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapReAlloc
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
CreateFileW
WriteFile
GetFileAttributesW
GetTickCount
HeapFree
HeapAlloc
SetFilePointer
FindFirstFileW
GetFileSize
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
GetStdHandle
GetModuleFileNameA
RtlUnwindEx
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapSetInformation
HeapCreate

user32

GetWindowRect
GetMessageW
PostQuitMessage
TrackPopupMenu
TranslateMessage
IsDialogMessageW
LoadIconW
SetClassLongPtrW
CreateDialogParamW
DestroyMenu
SetWindowTextW
DispatchMessageW
LoadCursorW
AppendMenuW
EnableMenuItem
CreatePopupMenu
SetMenuDefaultItem
EnableWindow
SetCursor
MessageBeep
GetDlgItem
ShowWindow
SendMessageW
MessageBoxW
SetDlgItemTextW
PeekMessageW
SendDlgItemMessageW
GetDlgItemTextW
UpdateWindow
SetFocus

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegEnumValueW
RegQueryInfoKeyW
GetUserNameW
RegCloseKey

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71e8ee39f2e6df1556c761163a4876e5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

Sections

.text Size: 76KB - Virtual size: 76KB

.rdata Size: 19KB - Virtual size: 18KB

.data Size: 5KB - Virtual size: 16KB

.pdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 26KB - Virtual size: 26KB

.reloc Size: 1024B - Virtual size: 924B

.text
Size: 76KB - Virtual size: 76KB

.rdata
Size: 19KB - Virtual size: 18KB

.data
Size: 5KB - Virtual size: 16KB

.pdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 26KB - Virtual size: 26KB

.reloc
Size: 1024B - Virtual size: 924B