Analysis Date: 2015-12-28 05:05:49
MD5: a79308b7db2a2d45bd1bea40cb309af3
SHA1: 411525594d7d066591cf670a1c9d1d6b702df7f4

Static Details:

File type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Section: .text md5: 01ee61e8b2f4ccecf2a020f8dabda967 sha1: a0fe950ea82dda1b25d975407485d8746e6edde1 size: 34304
Section: .rdata md5: d13c42927662d56d3324740a6c10ebb9 sha1: 43732ec413c0cbcff811feedbdfc17eac14dadaf size: 512
Section: .data md5: 978cbbb6de3c119a7c1521a20c3e64e6 sha1: 099adb9ede36ba75dbd43b558f2a724519baf127 size: 20480
Section: .rsrc md5: f72933ef6832eb06e3040a98721c9d22 sha1: 4b0304e00a6cb0451e6489c501d50ba5070cff75 size: 8192
Timestamp: 2015-06-18 10:05:43
Pdb path: C:\Source\CPP\Trident\main.pdb
Version:
LegalCopyright: TV Show Europe Software©. All rights reserved.
FileVersion: 0.4
CompanyName: Periodic Dimension
LegalTrademarks: TV Show Europe Software©. 2015
Comments: TV Show Europe Software
ProductName: TV Show Europe Software
ProductVersion: 0.4.0.0
FileDescription: TV Show Europe Software
PEhash: d914cfb3551c6c5c7de97586f6289b1a97cf3cf2
IMPhash: d8b5b4bbe72f5887e582fef0e2dc6c4a
AV Dr. Web: no_virus
AV Fortinet: W32/Kryptik.EAZU!tr
AV Grisoft (avg): Crypt_s.JMI
AV Kaspersky: Trojan-Downloader.Win32.Upatre.fbfq
AV ClamAV: no_virus
AV Trend Micro: TROJ_UP.886C385B
AV Microsoft Security Essentials: no_virus
AV MalwareBytes: Trojan.Upatre
AV Eset (nod32): Win32/Kryptik.DZYN
AV VirusBlokAda (vba32): no_virus
AV K7: Trojan ( 004d3a001 )
AV Authentium: W32/Trojan.HTMW-3103
AV Avira (antivir): TR/Upatre.jhygy
AV Zillya!: no_virus
AV BitDefender: Trojan.GenericKD.2785162
AV Arcabit (arcavir): Trojan.GenericKD.2785162
AV CAT (quickheal): TrojanDownloader.Upatre.r4
AV Mcafee: Upatre-FACY!A79308B7DB2A
AV Emsisoft: Trojan.GenericKD.2785162
AV Frisk (f-prot): no_virus
AV CA (E-Trust Ino): no_virus
AV Symantec: Trojan.Gen.2
AV Twister: no_virus
AV Ikarus: Trojan.Kryptik
AV Ad-Aware: Trojan.GenericKD.2785162
AV Rising: 0x59366366
AV F-Secure: Trojan.GenericKD.2785162
AV Alwil (avast): SwPatch [Wrm]
AV BullGuard: Trojan.GenericKD.2785162
AV MicroWorld (escan): Trojan.GenericKD.2785162

Runtime Details:

Process
↳ C:\malware.exe

Network Details:
