Analysis Date: 2015-12-27 14:28:35
MD5: cc82fae74adc59cd5881f315ac863858
SHA1: 2af889ccdbda1e1e011594e6ef937be7f36d55cb

Static Details:

File type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Section: UPX0 md5: d41d8cd98f00b204e9800998ecf8427e sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 size: 0
Section: UPX1 md5: 527c1af55dd1104844c17cb2ca678cdc sha1: 298f65204e90112b2c5236c891a9a0e28834420c size: 34304
Section: .rsrc md5: 06a2cea619be28043223f8632f5ce816 sha1: 299805d2652fc9e6f341aa639b582aa9ad992ca4 size: 3072
Timestamp: 2005-04-24 06:35:21
Version:
LegalCopyright: Oral Sam Utter Cool 1996-2009
InternalName: Shaky Goods
FileVersion: 9.8
CompanyName: Prolific Technology Inc.
ProductName: Fuzz
ProductVersion: 9.8
FileDescription: Mobs Goo
OriginalFilename: Lends.exe
Packer: UPX -> www.upx.sourceforge.net
PEhash: 277f7a908a0adbe6f3912f9267359cf5ef4b6bea
IMPhash: 7c8be34e6403b2dec721cc612776c04f
AV Zillya!: Trojan.Kryptik.Win32.198120
AV Ad-Aware: Gen:Trojan.Heur.Zbot.6
AV Alwil (avast): Evo-gen [Susp]
AV Arcabit (arcavir): Gen:Trojan.Heur.Zbot.6
AV Authentium: W32/Backdoor.XUQV-2009
AV Avira (antivir): TR/Crypt.ULPM.Gen
AV BitDefender: Gen:Trojan.Heur.Zbot.6
AV BullGuard: Gen:Trojan.Heur.Zbot.6
AV CA (E-Trust Ino): Win32/Tnega.AJYY
AV CAT (quickheal): no_virus
AV ClamAV: Trojan.Dropper-31317
AV Dr. Web: Trojan.DownLoader5.35280
AV Emsisoft: Gen:Trojan.Heur.Zbot.6
AV Eset (nod32): Win32/Kryptik.AYOZ
AV Fortinet: W32/Yakes.B!tr
AV Frisk (f-prot): W32/Backdoor2.HJUV
AV F-Secure: Gen:Trojan.Heur.Zbot.6
AV Grisoft (avg): Generic26.BRVK
AV Ikarus: DDoS.Win32.Dofoil
AV K7: Trojan ( 0034a59e1 )
AV Kaspersky: Trojan.Win32.Generic
AV MalwareBytes: Trojan.CryptPro.Gen
AV Mcafee: Ransom-AX
AV Microsoft Security Essentials: DDoS:Win32/Dofoil.A
AV MicroWorld (escan): Gen:Trojan.Heur.Zbot.6
AV Rising: no_virus
AV Symantec: Trojan.Gen
AV Trend Micro: TROJ_INJECT.JDM
AV Twister: Trojan.E0CFB8F137577286
AV VirusBlokAda (vba32): BScope.Malware-Cryptor.1212

Runtime Details:

Process
↳ C:\malware.exe

Network Details:


Strings