Analysis Date: 2015-08-07 15:33:37
MD5: d419913dfc4d8265b943c477d58d5b04
SHA1: b942acbd6e0341cbb5b1598174a11aeb219e70b8

Static Details:

File type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Section .text md5: e585e57d80f29bc618ad3bb9d5916782 sha1: 0cb23440f7ae7be0fc9b15d1325b509e8811b489 size: 17920
Section .rdata md5: 8cae42bcb51d54374114fe9fb21d7760 sha1: 3a38ea14001d24c326661659813053142890cf56 size: 156672
Section .data md5: 339befbb486f5e5812393be757c8c832 sha1: 4efae580f4fd2e333e1ed57c7ae81117f1edb1c1 size: 3072
Section .reloc md5: 090b4a6d6f3cf6f5711ebc0d10043315 sha1: 36d052795b907d949ac0a214a7e90519995a6f1c size: 2560
Timestamp: 2014-07-09 04:25:45
Packer: Microsoft Visual C++ ?.?
PEhash: 181c6e658394cf29cafab326f29dee8017b967ff
IMPhash: 46c6d1fde0cbad6272590ba3defe7cd8
AV CA (E-Trust Ino): no_virus
AV F-Secure: Gen:Trojan.Heur.RP.lqW@aaz6qFg
AV Dr. Web: no_virus
AV ClamAV: no_virus
AV Arcabit (arcavir): Gen:Trojan.Heur.RP.lqW@aaz6qFg
AV BullGuard: Gen:Trojan.Heur.RP.lqW@aaz6qFg
AV Padvish: no_virus
AV VirusBlokAda (vba32): no_virus
AV CAT (quickheal): no_virus
AV Trend Micro: BKDR_PLUGX.EO
AV Kaspersky: no_virus
AV Zillya!: no_virus
AV Emsisoft: Gen:Trojan.Heur.RP.lqW@aaz6qFg
AV Ikarus: Trojan.SuspectCRC
AV Frisk (f-prot): no_virus
AV Authentium: no_virus
AV MalwareBytes: no_virus
AV MicroWorld (escan): Gen:Trojan.Heur.RP.lqW@aaz6qFg
AV Microsoft Security Essentials: no_virus
AV K7: no_virus
AV BitDefender: Gen:Trojan.Heur.RP.lqW@aaz6qFg
AV Fortinet: no_virus
AV Symantec: no_virus
AV Grisoft (avg): no_virus
AV Eset (nod32): no_virus
AV Alwil (avast): Crypt-RUZ [Trj]
AV Ad-Aware: Gen:Trojan.Heur.RP.lqW@aaz6qFg
AV Twister: no_virus
AV Avira (antivir): TR/Spy.Agent.181248.3
AV Mcafee: RDN/Generic.grp
AV Rising: no_virus

Runtime Details:

Process
↳ C:\malware.exe

Network Details:


Strings