Christine-Fink_ByZ‮rar[.]scr | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Christine-Fink_ByZ‮rar.scr
Size

173.3MB
MD5

acda0aa3ac109f59131c728eea4b06d8
SHA1

0cf9a9b70bcb179c24e54b56003176e111c8646d
SHA256

b9ddb91a6de8542f1bbf920fbf40cc84780e18a3865b4f6407b4b168af0d13c5
SHA512

93e50e73a24a84b186ecd9f7ce3e512ada50b2c4c411d076b2829310c54db02323d3f5529bb11d22f21b76cd49e975925a84c7749d92b397bb9509b3e8796e85
SSDEEP

1572864:RgkU31ipgnoAQ3GJ/j7gbZQwxx3WIXHQmBUucN:RgkU1SrBm/fI3QiXcN

Score

1^/10

Malware Config

Signatures

Files

Christine-Fink_ByZ‮rar.scr
.exe windows x86

Password: 3123123

140094f13383e9ae168c4b35b6af3356

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
ExitProcess
GetComputerNameA
GetModuleFileNameA
GetModuleHandleW
GetProcAddress
SetErrorMode
Sleep
VirtualAllocExNuma

shlwapi

PathFindFileNameA

msvcrt

malloc
free
memset
strcmp
_strcmpi
strcpy

Sections

.text
Size: 173.2MB - Virtual size: 173.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ