Analysis Date: 2015-08-13 04:17:06
MD5: 2afddbe298fbe66273d81c048b7d8196
SHA1: 6a84148799f39f66ac9bb9eb0bb35c2226b088b7

Static Details:

File type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Section: .text md5: 7cbecaeaed318da28bee8d58cbbcd797 sha1: aa04087c3939e13078663b3061f09b69eb5f175a size: 17408
Section: .rdata md5: e46709f2c9a528e89738d199ba270306 sha1: ad2c709c385cff099fce9faa960a709a21171f7a size: 112640
Section: .data md5: bc814f6c8ec4cf0116398c8d536fa245 sha1: e3cd5f9326e7e3a42c1df55e52df07907bd3be53 size: 3072
Section: .rsrc md5: bf619eac0cdf3f68d496ea9344137e8b sha1: 5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5 size: 512
Section: .reloc md5: 42a4dd1d7f2b6afd9a0dceeed00f6f32 sha1: 11652fcc6149bd712db1724bbd684d0c0a4e2121 size: 2560
Timestamp: 2014-03-06 16:40:25
Packer: Microsoft Visual C++ ?.?
PEhash: c2e97ff8ac93ec54873bcc7e820103d19d9ae396
IMPhash: 96df5cced42789c1e5efcd2b13b941c9
AV CA (E-Trust Ino): no_virus
AV F-Secure: Gen:Win32.ExplorerHijack.iuW@aiAxZif
AV Dr. Web: no_virus
AV ClamAV: no_virus
AV Arcabit (arcavir): Gen:Win32.ExplorerHijack.iuW@aiAxZif
AV BullGuard: Gen:Win32.ExplorerHijack.iuW@aiAxZif
AV Padvish: no_virus
AV VirusBlokAda (vba32): no_virus
AV CAT (quickheal): no_virus
AV Trend Micro: BKDR_PLUGX.EO
AV Kaspersky: no_virus
AV Zillya!: Trojan.Inject.Win32.174055
AV Emsisoft: Gen:Win32.ExplorerHijack.iuW@aiAxZif
AV Ikarus: Gen.Win32.ExplorerHijack
AV Frisk (f-prot): no_virus
AV Authentium: no_virus
AV MalwareBytes: no_virus
AV MicroWorld (escan): Gen:Win32.ExplorerHijack.iuW@aiAxZif
AV Microsoft Security Essentials: no_virus
AV K7: no_virus
AV BitDefender: Gen:Win32.ExplorerHijack.iuW@aiAxZif
AV Fortinet: W32/Kryptik.BYKN!tr
AV Symantec: no_virus
AV Grisoft (avg): Crypt3.ANWS
AV Eset (nod32): Win32/Kryptik.BYKN
AV Alwil (avast): Evo-gen [Susp]
AV Ad-Aware: Gen:Win32.ExplorerHijack.iuW@aiAxZif
AV Twister: no_virus
AV Avira (antivir): TR/Dropper.Gen
AV Mcafee: RDN/Generic.hra
AV Rising: no_virus

Runtime Details:

Process:
↳ C:\malware.exe

Network Details:

