Analysis Date: 2015-08-19 08:24:26
MD5: af9dc0a1c6b58cfeb4e139ef9ac46d56
SHA1: 5ea81268f60a23eb9f9d029d5c8aa9ce25a9effd

Static Details:

File type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
Section .text: md5: e96ea3da2ba9934b045232022f6d0aa3 sha1: 27627bb50538b4a1f5842123330ec574151572be size: 201216
Section .sdata: md5: 11d749a431b69e21af50120c962bebda sha1: 250a3e8fa4a4f19a7a6cd94fcd71e69d350b320b size: 36352
Section .rsrc: md5: 5406d227eb078f3c37f9d4d65eb5d228 sha1: 799563d5ba4c8313cbe1db66f9e65eaa0508a414 size: 11264
Section .reloc: md5: 7bea01bea652ca1fac4346398ede9113 sha1: 5356a7f58b0105febd46f41dd8dd6ff3debed9fc size: 512
Timestamp: 2015-04-04 23:10:18
Version:
LegalCopyright: Copyright © FDD
Assembly Version: 3.3.3.3
InternalName: FDD.exe
FileVersion: 3.3.3.3
CompanyName: FDD
LegalTrademarks: FDD
Comments: FDD
ProductName: FDD
ProductVersion: 3.3.3.3
FileDescription: FDD
OriginalFilename: FDD.exe
Packer: Microsoft Visual C# v7.0 / Basic .NET
PEhash: cab7ac5cd012fc96924b745b595ff810bf60b56b
IMPhash: f34d5f2d4577ed6d9ceec516c1f5a744
AV CA (E-Trust Ino): no_virus
AV Rising: no_virus
AV Ikarus: Trojan.MSIL.Injector
AV Dr. Web: Trojan.Starter.2890
AV Avira (antivir): TR/Dropper.Gen
AV Eset (nod32): MSIL/Injector.JDJ
AV Kaspersky: Trojan.Win32.Generic
AV K7: Riskware ( 0040eff71 )
AV Mcafee: RDN/Generic.dx!dql
AV BitDefender: Gen:Variant.Zusy.136625
AV Ad-Aware: Gen:Variant.Zusy.136625
AV Microsoft Security Essentials: Worm:Win32/Rebhip
AV Emsisoft: Gen:Variant.Zusy.136625
AV Zillya!: Trojan.Llac.Win32.50571
AV Fortinet: W32/Generic!tr
AV Arcabit (arcavir): Gen:Variant.Zusy.136625
AV Padvish: no_virus
AV Twister: no_virus
AV Frisk (f-prot): no_virus
AV VirusBlokAda (vba32): Trojan.Bublik
AV ClamAV: no_virus
AV Grisoft (avg): MSIL7.BRWR
AV BullGuard: Gen:Variant.Zusy.136625
AV Alwil (avast): Malware-gen:Win32:Malware-gen
AV Authentium: W32/Trojan.XCFK-4867
AV Trend Micro: TROJ_GE.9054397B
AV CAT (quickheal): Trojan.Generic.r4
AV MicroWorld (escan): Gen:Variant.Zusy.136625
AV F-Secure: Gen:Variant.Zusy.136625
AV MalwareBytes: RiskWare.Tool.HCK
AV Symantec: Trojan.Zbot

Runtime Details:

Process
↳ C:\malware.exe

Network Details:

Strings