Analysis Date: 2015-07-19 15:30:08
MD5: dc145827030aa496244131cc4249e085
SHA1: 156c44ac818066540bebb4287eca6246d7f47358

Static Details:

File type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
Section: .text md5: 33a244ec945037da69dfc893a6a6f3b2 sha1: ead43094f4c05b6ae056b81ea03599ec34cf1a5a size: 422400
Section: .rsrc md5: 4689ec4a28dc8d7052e53a1c25cb2361 sha1: bf143200487880c9c6a48dc779c38d435462dc1a size: 2048
Section: .reloc md5: 435f1af9eefe083a5728435a034a6862 sha1: 70cf930f00addfb0b5b5a3d36f50e6cbab5672f1 size: 512
Timestamp: 2011-01-17 01:16:00
Pdb path: I:\zmzq\wWEJIMIX\imnsfKtLsUWEBgFOGGhPABOAnN\tYLqjypjByAAvSlAQsM\AUpjjFKc\WFpRdool\fve\SHZ\qJxUNpw\alCIqhmKlyMpfZFyDXIBTPb.pdb
Version:
LegalCopyright:
Assembly Version: 5.1.3.4
InternalName: KismetLongsMarginalised.exe
FileVersion: 6.2.2.7
CompanyName: MercantileLegitimiseNeutralised
Comments: NoticesIndispose InvalidatedHeathland
ProductName: LilyHitchingIncrements LeavenedInsupportableInverter
ProductVersion: 6.2.2.7
FileDescription: PeeragesInverter MimePampersHierarchy
OriginalFilename: KismetLongsMarginalised.exe
Packer: Microsoft Visual C# v7.0 / Basic .NET
PEhash: 856aa3e26463bbd86ae656c434f4f6436b87abc5
IMPhash: f34d5f2d4577ed6d9ceec516c1f5a744
AV Alwil (avast): Trojan-gen:Win32:Trojan-gen
AV Avira (antivir): TR/Injector.425509
AV MalwareBytes: Trojan.Tinba.EXPGen
AV Eset (nod32): MSIL/Injector.IYI
AV Fortinet: MSIL/Injector.JBE!tr
AV Frisk (f-prot): no_virus
AV Padvish: no_virus
AV Ikarus: Trojan-Downloader.Win32.Upatre
AV Kaspersky: Trojan-Downloader.Win32.Hyteod.ajhf
AV Microsoft Security Essentials: TrojanDownloader:Win32/Dalexis!rfn
AV Emsisoft: Gen:Heur.MSIL.Androm.4
AV ClamAV: no_virus
AV BitDefender: Gen:Heur.MSIL.Androm.4
AV Trend Micro: no_virus
AV Grisoft (avg): MSIL7.BKYX
AV Symantec: Trojan.Gen
AV VirusBlokAda (vba32): TrojanDownloader.Hyteod
AV Ad-Aware: Gen:Heur.MSIL.Androm.4
AV BullGuard: Gen:Heur.MSIL.Androm.4
AV F-Secure: Gen:Heur.MSIL.Androm.4
AV MicroWorld (escan): Gen:Heur.MSIL.Androm.4
AV Authentium: W32/Hyteod.A.gen!Eldorado
AV Arcabit (arcavir): Gen:Heur.MSIL.Androm.4
AV K7: Trojan ( 004bc46f1 )
AV Twister: TrojanDldr.Hyteod.afwn.popg
AV CAT (quickheal): Error Scanning File
AV CA (E-Trust Ino): no_virus
AV Mcafee: RDN/Generic.dx!dql
AV Dr. Web: no_virus
AV Zillya!: Downloader.Hyteod.Win32.1116
AV Rising: no_virus

Runtime Details:

Process
↳ C:\malware.exe

Network Details:

