PE Compile Time

2019-06-10 18:29:32

PE Imphash

4c84d10323272583b9286a1186a7fe5a

Sections

Name    Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text   0x00001000       0x0000b000    0x0000a400        6.54495892059
.rdata  0x0000c000       0x00010000    0x0000f800        6.43996928914
.data   0x0001c000       0x00002000    0x00001600        7.62759113641
.s7bz   0x0001e000       0x0000d000    0x00006800        7.98272145436
.reloc  0x0002b000       0x00001000    0x00000600        6.21532324578
.SCY    0x0002c000       0x00002000    0x00001a00        5.05186553798

Imports

Library user32.dll:
0xf8c9f8 wsprintfW
Library ntdll.dll:
Library winhttp.dll:
0xf8ca00 WinHttpSendRequest
Library kernel32.dll:
Library advapi32.dll:
0xf8ca08 RegQueryValueExW
Library ole32.dll:
Library kernel32.dll:
Library mpr.dll:
0xf8ca14 WNetCloseEnum
Library shlwapi.dll:
0xf8ca18 SHDeleteKeyW
Library kernel32.dll:
0xf8ca1c OpenMutexW
Library gdi32.dll:
0xf8ca20 GetObjectW
Library user32.dll:
0xf8ca24 ReleaseDC
Library kernel32.dll:
0xf8ca28 HeapDestroy
Library crypt32.dll:
Library kernel32.dll:
0xf8ca30 GetDiskFreeSpaceExW
Library winmm.dll:
0xf8ca34 timeBeginPeriod
Library kernel32.dll:
0xf8ca3c LocalFree
0xf8ca44 DeleteFileW
Library ntdll.dll:
Library advapi32.dll:
Library kernel32.dll:
0xf8ca54 HeapCreate
Library gdi32.dll:
0xf8ca58 SetBkMode
Library advapi32.dll:
Library gdi32.dll:
0xf8ca60 GetDeviceCaps
Library kernel32.dll:
0xf8ca64 CreateFileW
0xf8ca6c GetCurrentProcess
Library winhttp.dll:
0xf8ca70 WinHttpSetOption
Library advapi32.dll:
Library kernel32.dll:
0xf8ca78 TerminateProcess
Library shell32.dll:
0xf8ca7c CommandLineToArgvW
Library kernel32.dll:
Library gdi32.dll:
0xf8ca84 GetStockObject
Library advapi32.dll:
0xf8ca88 IsValidSid
0xf8ca8c RegSetValueExW
Library kernel32.dll:
0xf8ca90 CreateFileMappingW
Library gdi32.dll:
0xf8ca94 DeleteDC
Library kernel32.dll:
0xf8ca98 MapViewOfFile
0xf8ca9c CompareFileTime
Library advapi32.dll:
0xf8caa0 RegOpenKeyExW
0xf8caa4 RegCreateKeyExW
Library ntdll.dll:
0xf8caa8 _snwprintf
Library winhttp.dll:
0xf8caac WinHttpReadData
Library kernel32.dll:
Library gdi32.dll:
0xf8cab4 GetDIBits
Library kernel32.dll:
0xf8cab8 GetFileSize
0xf8cac0 OpenProcess
Library gdi32.dll:
0xf8cac4 SelectObject
Library winhttp.dll:
0xf8cac8 WinHttpCloseHandle
Library advapi32.dll:
0xf8cacc GetUserNameW
Library gdi32.dll:
Library kernel32.dll:
0xf8cad4 GlobalFree
0xf8cad8 CreateThread
0xf8cadc WaitForSingleObject
Library advapi32.dll:
0xf8cae0 OpenProcessToken
Library kernel32.dll:
0xf8cae4 LocalAlloc
0xf8caec VirtualAlloc
0xf8caf4 GetCommandLineW
Library crypt32.dll:
Library kernel32.dll:
0xf8cafc GetModuleFileNameW
0xf8cb00 GetSystemInfo
Library gdi32.dll:
0xf8cb08 SetBkColor
Library ntdll.dll:
0xf8cb0c NtClose
Library kernel32.dll:
0xf8cb10 SetFileAttributesW
0xf8cb14 WriteFile
Library gdi32.dll:
0xf8cb18 DeleteObject
Library advapi32.dll:
0xf8cb1c RevertToSelf
Library kernel32.dll:
0xf8cb20 Process32NextW
0xf8cb24 MulDiv
0xf8cb28 GetFileSizeEx
0xf8cb2c MoveFileW
Library advapi32.dll:
0xf8cb30 GetTokenInformation
Library kernel32.dll:
0xf8cb34 MultiByteToWideChar
0xf8cb38 ReadFile
0xf8cb3c UnmapViewOfFile
0xf8cb40 GetComputerNameW
Library user32.dll:
0xf8cb44 DrawTextW
Library mpr.dll:
0xf8cb48 WNetOpenEnumW
Library kernel32.dll:
0xf8cb4c GetCurrentProcessId
0xf8cb50 FindNextFileW
Library shlwapi.dll:
0xf8cb54 PathFindExtensionW
Library ntdll.dll:
0xf8cb58 NtOpenFile
Library kernel32.dll:
0xf8cb5c GetTempPathW
0xf8cb60 GetProcessHeap
0xf8cb64 SetErrorMode
0xf8cb6c HeapAlloc
0xf8cb70 FindFirstFileW
0xf8cb74 SetFilePointerEx
Library shlwapi.dll:
0xf8cb78 SHDeleteValueW
Library shell32.dll:
0xf8cb7c ShellExecuteExW
Library kernel32.dll:
Library winhttp.dll:
0xf8cb84 WinHttpOpen
Library kernel32.dll:
0xf8cb88 ExitProcess
Library winmm.dll:
0xf8cb8c timeGetTime
Library kernel32.dll:
0xf8cb90 GlobalAlloc
Library user32.dll:
0xf8cb98 GetDC
Library mpr.dll:
0xf8cb9c WNetEnumResourceW
Library ntdll.dll:
0xf8cba0 RtlTimeToTimeFields
Library kernel32.dll:
0xf8cba4 GetDriveTypeW
0xf8cba8 GetNativeSystemInfo
0xf8cbac FindClose
0xf8cbb0 CloseHandle
Library winhttp.dll:
Library user32.dll:
0xf8cbb8 GetForegroundWindow
Library gdi32.dll:
0xf8cbbc SetTextColor
Library user32.dll:
0xf8cbc0 FillRect
Library advapi32.dll:
0xf8cbc4 FreeSid
Library gdi32.dll:
0xf8cbc8 CreateCompatibleDC
Library winhttp.dll:
Library kernel32.dll:
0xf8cbd0 ReleaseMutex
Library gdi32.dll:
0xf8cbd4 SetPixel
Library kernel32.dll:
0xf8cbd8 Sleep
Library gdi32.dll:
0xf8cbdc CreateFontW
Library winhttp.dll:
0xf8cbe0 WinHttpConnect
Library kernel32.dll:
0xf8cbe4 GetProcAddress
Library ntdll.dll:
0xf8cbe8 RtlFreeHeap
Library kernel32.dll:
0xf8cbec Process32FirstW
0xf8cbf0 WideCharToMultiByte
Library winhttp.dll:
0xf8cbf8 WinHttpQueryHeaders
Library advapi32.dll:
0xf8cbfc CryptGenRandom
Library winhttp.dll:
0xf8cc00 WinHttpOpenRequest
Library kernel32.dll:
0xf8cc04 CreateMutexW
0xf8cc08 GetSystemDirectoryW
0xf8cc0c GetFileAttributesW
Library winhttp.dll:
0xf8cc10 WinHttpCrackUrl
Library advapi32.dll:
Library kernel32.dll:
Library user32.dll:
Library advapi32.dll:
0xf8cc20 RegCloseKey

No antivirus signatures available.
IRMA Signature
ESET Security (Windows) a variant of Win32/Filecoder.Sodinokibi.B trojan
Avast Core Security (Linux) Win32:CVE-2018-8453-M [Expl]
C4S ClamAV (Linux) Win.Ransomware.Sodinokibi-6995593-0
F-Secure Antivirus (Linux) Trojan.TR/Crypt.XPACK.Gen [Aquarius]
Windows Defender (Windows) Exploit:Win32/CVE-2018-8453.A
McAfee CLI scanner (Linux) Ransom-REvil
Forticlient (Linux) Clean
Bitdefender Antivirus (Linux) Generic.Ransom.Sodinokibi.2A1A883D
G Data Antivirus (Windows) Virus: Generic.Ransom.Sodinokibi.2A1A883D (Engine A)
Sophos Anti-Virus (Linux) Mal/FakeAV-CS
DrWeb Antivirus (Linux) Clean
Trend Micro SProtect (Linux) Ransom.Win32.SODINOKIB.SMTH
ClamAV (Linux) Win.Ransomware.Sodinokibi-6995593-0
eScan Antivirus (Linux) Generic.Ransom.Sodinokibi.2A1A883D(DB)
Emsisoft Commandline Scanner (Windows) Generic.Ransom.Sodinokibi.2A1A883D (B)
Cuckoo
