Analysis Date: 2015-12-10 17:38:10
MD5: 7e82a109f067cc860d8ad9ac2917e125
SHA1: 54ecf4589ae73a178be40a5f0f2ba7acd0ea4a65

Static Details:

File type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
Section .text md5: adc9bf0f3ee29afd14f8e1ae0d4da8ad sha1: 6f6b7d12f337677fc34054397dcfac4b1be273bf size: 84992
Section .rsrc md5: b13898e666a58a11c0f7c79fec286a26 sha1: b33efd018540e5ac2f0263fdbff70d1cd23df33e size: 1536
Section .reloc md5: 6a880de589cf799a35a43fee5c8b1897 sha1: 95ab23285bff180b3af945dd1ad33ff77656e0e4 size: 512
Timestamp: 2015-11-21 19:16:22
Version:
LegalCopyright:
Assembly Version: 0.0.0.0
InternalName: kaasmr.exe
FileVersion: 0.0.0.0
Comments: RPX 1.3.4400.61
ProductVersion: 0.0.0.0
FileDescription:
OriginalFilename: kaasmr.exe
Packer: Microsoft Visual C# v7.0 / Basic .NET
PEhash: a4c8060737f07db9bf830bee3ebedb14dfe193cc
IMPhash: f34d5f2d4577ed6d9ceec516c1f5a744
AV Ad-Aware: Gen:Variant.Barys.2831
AV Grisoft (avg): no_virus
AV CAT (quickheal): no_virus
AV Ikarus: Trojan.MSIL.Injector
AV Avira (antivir): no_virus
AV K7: Trojan ( 700000121 )
AV ClamAV: no_virus
AV Kaspersky: Trojan.Win32.Generic
AV Arcabit (arcavir): Gen:Variant.Barys.2831
AV MalwareBytes: Ransom.Agent.MSIL
AV Dr. Web: BackDoor.Bladabindi.1311
AV Mcafee: RDN/Generic Dropper
AV BitDefender: Gen:Variant.Barys.2831
AV Microsoft Security Essentials: Backdoor:MSIL/Bladabindi!rfn
AV Emsisoft: Gen:Variant.Barys.2831
AV MicroWorld (escan): Gen:Variant.Barys.2831
AV Alwil (avast): Malware-gen:Evo-gen [Susp]:Win32:Malware-gen
AV Eset (nod32): MSIL/Injector.AWA
AV Rising: no_virus
AV BullGuard: Gen:Variant.Barys.2831
AV Fortinet: W32/Generic.BS!tr
AV Symantec: no_virus
AV Authentium: W32/Trojan.TIPV-1318
AV Trend Micro: no_virus
AV Frisk (f-prot): no_virus
AV Twister: Suspicious.0000000000480.mg
AV CA (E-Trust Ino): no_virus
AV VirusBlokAda (vba32): no_virus
AV F-Secure: Gen:Variant.Barys.2831
AV Zillya!: no_virus

Runtime Details:

Process
↳ C:\malware.exe

Network Details:
