Analysis Date: 2013-11-06 12:38:43
MD5: 01f73c65e8c88aa0305f40928823fb55
SHA1: cdd70d67d68f2096c1690868287f4e44ee375c6e

Static Details:

File type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Section: UPX0 md5: ac67c0dbb894460e53452866130a4025 sha1: f1e7b4978920ac2564e181338f3069c6f01ec6f6 size: 98304
Section: UPX1 md5: 8a6b7c9707844ba18485ca1d75ea0a18 sha1: b3b52127b98b9c778aabeed01c248e5df2d3162f size: 54784
Section: .rsrc md5: bf48d6c0aec81b03c9a824343757b7ff sha1: 88597dd47b7d9cfea128866b341db100a2f2bcfd size: 1536
Timestamp: 1992-06-19 22:22:17
Packer: BobSoft Mini Delphi -> BoB / BobSoft
PEhash: b666e8ac8da8524376daef55ec75111dc113c549
AV clamav: WIN.Worm.Soltern
AV avira: TR/Crypt.ULPM.Gen
AV avg: Worm/Delf.DMD
AV msse: Worm:Win32/Soltern.L

Runtime Details:

Process
↳ C:\malware.exe

Creates File: C:\WINDOWS\Temp\Macromedia key generator (all products).exe
Creates File: C:\WINDOWS\Temp\How To Hack Websites.exe
Creates File: C:\WINDOWS\Temp\GTA3 crack.exe
Creates File: C:\WINDOWS\Temp\Hacking Tool Collection.exe
Creates File: C:\WINDOWS\Temp\Jenna Jameson - Built For Speed Downloader.exe
Creates File: C:\WINDOWS\Temp\Winrar + crack.exe
Creates File: C:\WINDOWS\Temp\Windows XP serial generator.exe
Creates File: C:\WINDOWS\Temp\Zidane-ScreenInstaler.exe
Creates File: C:\WINDOWS\Temp\Britney spears nude.exe
Creates File: C:\WINDOWS\Temp\SIMS FullDownloader.exe
Creates File: C:\WINDOWS\Temp\Star wars episode 2 downloader.exe
Creates File: C:\WINDOWS\Temp\StarWars2 - CloneAttack - FullDownloader.exe
Creates File: C:\WINDOWS\Temp\Half-life ONLINE key generator.exe
Creates File: C:\WINDOWS\Temp\ZoneAlarm Firewall Full Downloader.exe
Creates File: C:\WINDOWS\Temp\Star Wars Episode 2 - Attack Of The Clones Full Downloader.exe
Creates File: C:\WINDOWS\Temp\Microsoft Windows XP crack pack.exe
Creates File: C:\WINDOWS\Temp\Warcraft 3 battle.net serial generator.exe
Creates File: C:\WINDOWS\Temp\Half-life WON key generator.exe
Creates File: C:\WINDOWS\Temp\Hack into any computer!!.exe
Creates File: C:\WINDOWS\Temp\Xbox.info.exe
Creates File: C:\WINDOWS\Temp\Spiderman FullDownloader.exe
Creates File: C:\WINDOWS\Temp\PS1 Boot Disc Full Dwonloader.exe
Creates File: C:\WINDOWS\dextor32.exe
Creates File: C:\WINDOWS\Temp\[DiVX] Harry Potter And The Sorcerors Stone Full Downloader.exe
Creates File: C:\WINDOWS\Temp\Windows XP Full Downloader.exe
Creates File: C:\WINDOWS\Temp\KaZaA media desktop v2.0 UNOFFICIAL.exe
Creates File: C:\WINDOWS\Temp\MoviezChannelsInstaler.exe
Creates File: C:\WINDOWS\Temp\Gladiator FullDownloader.exe
Creates File: C:\WINDOWS\Temp\AIM Account Stealer Downloader.exe
Creates File: C:\WINDOWS\Temp\Grand theft auto 3 CD1 crack.exe
Creates File: C:\WINDOWS\Temp\Internet and Computer Speed Booster.exe
Creates File: C:\WINDOWS\Temp\AikaQuest3Hentai FullDownloader.exe
Creates File: C:\WINDOWS\Temp\DivX.exe
Creates File: C:\WINDOWS\Temp\Sony Play station boot disc - Downloader.exe
Creates File: C:\WINDOWS\Temp\[DiVX] Lord of The Rings Full Downloader.exe
Creates File: C:\WINDOWS\Temp\Winzip 8.0 + serial.exe
Creates File: C:\WINDOWS\Temp\Key generator for all windows XP versions.exe
Creates File: C:\WINDOWS\Temp\Battle.net key generator (WORKS!!).exe
Creates File: C:\WINDOWS\Temp\DSL Modem Uncapper.exe
Creates File: C:\WINDOWS\Temp\Macromedia Flash 5.0 Full Downloader.exe
Creates File: C:\WINDOWS\Temp\Warcraft 3 ONLINE key generator.exe
Creates File: C:\WINDOWS\Temp\MSN Password Hacker and Stealer.exe
Creates File: C:\WINDOWS\Temp\Shakira FullDownloader.exe
Creates File: C:\WINDOWS\Temp\Quake 4 BETA.exe
Creates File: C:\WINDOWS\Temp\Borland Delphi 6 Key Generator.exe
Creates File: C:\WINDOWS\Temp\ScaryMovie 2 Full Downloader.exe
Creates File: C:\WINDOWS\Temp\CKY3 - Bam Margera World Industries Alien Workshop Full Downloader.exe
Creates File: C:\WINDOWS\Temp\Cat Attacks Child Full Downloader.exe
Creates File: C:\WINDOWS\Temp\LordOfTheRings-FullDownloader.exe
Creates File: C:\WINDOWS\Temp\Microsoft key generator, works for ALL microsoft products!!.exe
Creates File: C:\WINDOWS\Temp\Windows XP key generator.exe

Network Details:

Strings