Analysis Date: 2015-11-19 14:59:40
MD5: df6401a83831717796c65f104c161431
SHA1: c50d0aa4dd7d8b0998b5adf3af38fc3b31127a82

Static Details:

File type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Section: .text md5: c6c7d5caff60a9f2adef6f250e48b3c9 sha1: babb0e80c022f6bc6830ec3616e111a6ca18e7a5 size: 32768
Section: .data md5: 620f0b67a91f7f74151bc5be745b7110 sha1: 1ceaf73df40e531df3bfb26b4fb7cd95fb7bff1d size: 4096
Section: .rsrc md5: cbec499c5004d11cc3ce30509e7d6f35 sha1: e2543d971048ecfc0befe8c8b934b5011231317a size: 8192
Timestamp: 2014-04-28 08:59:14
Version:
InternalName: LammosTraseg
FileVersion: 2.00.0097
CompanyName: Flash
LegalTrademarks: Flash game pularinazos lomij oli kasandra bo.
Comments: Flash game pularinazos lomij oli kasandra bo.
ProductName: Flash game pularinazos lomij oli kasandra bo.
ProductVersion: 2.00.0097
OriginalFilename: LammosTraseg.exe
Packer: Microsoft Visual Basic v5.0
PEhash: c31c85a1e5dcdb7cda2a58fcd013b65b8000b0f4
IMPhash: 81b590bc14c4c358078c1b2e8621585b
AV Rising: no_virus
AV Mcafee: Downloader-FABC!DF6401A83831
AV Avira (antivir): TR/Cutwail.nzjs
AV Twister: TrojanDldr.Tiny.NKK.mohn
AV Ad-Aware: Gen:Variant.Zusy.91092
AV Alwil (avast): Fraud-A [Trj]
AV Eset (nod32): Win32/TrojanDownloader.Tiny.NKK
AV Grisoft (avg): Generic_vb.XR
AV Symantec: Downloader.Ponik
AV Fortinet: W32/Tiny.NKK!tr.dldr
AV BitDefender: Gen:Variant.Zusy.91092
AV K7: Trojan ( 0040f8261 )
AV Microsoft Security Essentials: TrojanDownloader:Win32/Cutwail
AV MicroWorld (escan): Gen:Variant.Zusy.91092
AV MalwareBytes: Backdoor.Bot
AV Authentium: W32/Trojan.QSFJ-3828
AV Frisk (f-prot): W32/Trojan3.IEN
AV Ikarus: Trojan-Downloader.Lammos
AV Emsisoft: Gen:Variant.Zusy.91092
AV Zillya!: Trojan.Cutwail.Win32.94
AV Kaspersky: Trojan.Win32.Cutwail.csz
AV Trend Micro: no_virus
AV CAT (quickheal): Worm.Gamarue.I3
AV VirusBlokAda (vba32): Trojan.Cutwail
AV Padvish: no_virus
AV BullGuard: Gen:Variant.Zusy.91092
AV Arcabit (arcavir): Gen:Variant.Zusy.91092
AV ClamAV: no_virus
AV Dr. Web: Trojan.Packed.26578
AV F-Secure: Gen:Variant.Zusy.91092
AV CA (E-Trust Ino): Win32/VB.GBPNFfC

Runtime Details:

Process
↳ C:\malware.exe

Creates Process: C:\malware.exe

Process
↳ C:\malware.exe

Network Details:
