Analysis Date2015-11-25 06:38:03
MD5f60cb3a9ac3975d7a4bb94e0b9234c94
SHA18e0c1f3889d64dc07018cda9841e713cba90749a

Static Details:

File typeMS-DOS executable, MZ for MS-DOS
Section.text md5: d8a3360011deb4d7a8412c0ad893c6d8 sha1: 30a11088930d4012d2b0c3e1c1c4a20daf25b4b8 size: 104448
Section.rdata md5: ab5ff432716e2f74473fd1068288356d sha1: 328ac400c7ec2760ad4c16ea884e1ab26786221b size: 28160
Section.data md5: 942f5f2128c12f4b3985de3827e0d8f6 sha1: c7758e909f974530a88e76e9a0240972f4d1f68e size: 4608
Section.rsrc md5: 69a98b2f6d35593d2039b831da858e98 sha1: 95b91b941b613b0d475ec59e1f5c29e5b7aab8c3 size: 226816
Sectionkkbjiqq md5: ff5f7a63d3b1f9176e216eb01a0387ad sha1: 4e6d50eda26c0a8db442a1ccd6752016ddcce562 size: 101376
Sectionrddzusz md5: d41d8cd98f00b204e9800998ecf8427e sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 size: 0
Timestamp1998-01-25 23:00:10
PackerMicrosoft Visual C++ ?.?
PEhash9577a3dd10ee77fc5f8df7ca46f798810b4e354b
IMPhash720f62ecaae027b5c3ec6686644322e9
AVVirusBlokAda (vba32)no_virus
AVCAT (quickheal)Trojan.MSILCryptor.MUE.A4
AVRisingBackdoor.Win32.Bindi.a
AVZillya!Backdoor.PePatch.Win32.76279
AVKasperskyTrojan.Win32.Generic
AVClamAVWin.Trojan.Agent-798824
AVIkarusTrojan.MSIL.Bladabindi
AVMicroWorld (escan)Gen:Variant.Symmi.43388
AVTwisterTrojan.Generic.rcxe
AVEset (nod32)MSIL/Bladabindi.L
AVMcafeeno_virus
AVK7Trojan ( 003f3a341 )
AVAvira (antivir)TR/Crypt.XPACK.Gen
AVEmsisoftGen:Variant.Symmi.43388
AVGrisoft (avg)Luhe.Fiha.A
AVMalwareBytesTrojan.Agent.MSIL
AVMicrosoft Security EssentialsBackdoor:MSIL/Bladabindi
AVSymantecTrojan.Gen
AVTrend Microno_virus
AVBullGuardGen:Variant.Symmi.43388
AVF-SecureGen:Variant.Symmi.43388
AVArcabit (arcavir)Gen:Variant.Symmi.43388
AVBitDefenderGen:Variant.Symmi.43388
AVFortinetW32/Generic.L!tr
AVDr. WebTrojan.Winlock.9484
AVAuthentiumW32/A-3e7aeab6!Eldorado
AVAlwil (avast)Virtu-F:Win32:Virtu-F
AVAd-AwareGen:Variant.Symmi.43388
AVFrisk (f-prot)no_virus
AVCA (E-Trust Ino)no_virus

Runtime Details:

Network Details:


Raw Pcap

Strings