Analysis Date: 2015-11-05 15:31:44
MD5: d19db7249a34f881cedef3259879b3a4
SHA1: 210bf5b546dcf2164e39b69f3ac3ac38dc251159

Static Details:

File type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Section .text md5: 1ebb9672f3ee250d5fe783343c92dc75 sha1: 3a8d993b4206147c1b8fb71be811fdd040452085 size: 105984
Section .rdata md5: 12c11916406c79fce123acc64cd3612c sha1: 1ea5fc57bd14118ee3ccdfb6a205ef396a3d1531 size: 40448
Section .data md5: af13ddf2b4a0c1b7ea6fa5f28757bbb2 sha1: 71ef2470d9c85b10c0cc14f9301a4cb65ad2baa2 size: 35840
Section .rsrc md5: 2fb9694af781f0ffae197090dcbc068c sha1: bddf2ae580b4c09dbcf6e2c53da1f6935860765a size: 57856
Timestamp: 2015-10-20 11:23:20
Packer: Microsoft Visual C++ ?.?
PEhash: 033931ff2bdb69ee22638c1d0bfe7405e2ee0150
IMPhash: 56a39a0362a4581f043e4c7bbbaf65ef
AV Ad-Aware: Trojan.GenericKDZ.30724
AV Grisoft (avg): Crypt_r.AFP
AV CAT (quickheal): no_virus
AV Ikarus: Trojan.Win32.Crypt
AV Avira (antivir): TR/Crypt.ZPACK.191399
AV K7: Trojan ( 004cef571 )
AV ClamAV: no_virus
AV Kaspersky: Trojan.Win32.Inject.vkap
AV Arcabit (arcavir): Trojan.GenericKDZ.30724
AV MalwareBytes: Ransom.CryptoWall
AV Dr. Web: Trojan.DownLoad3.35944
AV Mcafee: Gamarue-FDC!D19DB7249A34
AV BitDefender: Trojan.GenericKDZ.30724
AV Microsoft Security Essentials: Worm:Win32/Gamarue
AV Emsisoft: Trojan.GenericKDZ.30724
AV MicroWorld (escan): Trojan.GenericKDZ.30724
AV Alwil (avast): Androp [Drp]
AV Padvish: no_virus
AV Eset (nod32): Win32/Injector.BNHS
AV Rising: no_virus
AV BullGuard: Trojan.GenericKDZ.30724
AV Fortinet: W32/Kryptik.EBIH!tr
AV Symantec: Trojan.Gen
AV Authentium: W32/Agent.XL.gen!Eldorado
AV Trend Micro: no_virus
AV Frisk (f-prot): no_virus
AV Twister: no_virus
AV CA (E-Trust Ino): no_virus
AV VirusBlokAda (vba32): Backdoor.Androm
AV F-Secure: Trojan.GenericKDZ.30724
AV Zillya!: Worm.VBNA.Win32.259809

Runtime Details:

Process
↳ C:\malware.exe

Network Details:

