Analysis Date: 2015-09-15 20:41:26
MD5: d4dc65d606f61fa3b44ad3a802bb60a0
SHA1: d198277e95389ece1a14678015b100b7a2d878c1

Static Details:

File type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Section UPX0 md5: d41d8cd98f00b204e9800998ecf8427e sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 size: 0
Section UPX1 md5: 70a0617b7411bcd999ac7ed022631f15 sha1: aa52a0708611423c087efd5aea308a232436960a size: 38912
Section .rsrc md5: 30f1112849dd2c3912ccb852eddf0205 sha1: f6ab1bc780535e51716b9e4fabe09b8c756468e8 size: 4096
Timestamp: 1997-09-29 06:12:36
Version:
  LegalCopyright: Hears Zoom Ring Slums 2003-2010
  InternalName: Sole Tut Errol Gusts
  FileVersion: 2.8
  CompanyName: Bitrix
  ProductName: Spasm Mists Pledge Wrong Fret
  ProductVersion: 2.8
  FileDescription: Labs Joyce Manor Pit
  OriginalFilename: Herr.exe
Packer: UPX -> www.upx.sourceforge.net
PEhash: f6a749202dea12216531301474c858bd54b37910
IMPhash: d0556784082083123613f1c65be84159
AV Rising: no_virus
AV Mcafee: no_virus
AV Avira (antivir): TR/Crypt.ULPM.Gen
AV Twister: Trojan.548C56EEB9E9140D
AV Ad-Aware: Gen:Trojan.Heur.Zbot.6
AV Alwil (avast): Malware-gen:Win32:Malware-gen
AV Eset (nod32): Win32/Kryptik.YNE
AV Grisoft (avg): SHeur4.MBL
AV Symantec: Packed.Generic.348
AV Fortinet: W32/Yakes.B!tr
AV BitDefender: Gen:Trojan.Heur.Zbot.6
AV K7: Trojan ( 0027dd391 )
AV Microsoft Security Essentials: DDoS:Win32/Dofoil.A
AV MicroWorld (escan): Gen:Trojan.Heur.Zbot.6
AV MalwareBytes: Trojan.Downloader.CBCGen
AV Authentium: no_virus
AV Frisk (f-prot): no_virus
AV Ikarus: DDoS.Win32.Dofoil
AV Emsisoft: Gen:Trojan.Heur.Zbot.6
AV Zillya!: Trojan.Jorik.Win32.42672
AV Kaspersky: Trojan.Win32.Generic
AV Trend Micro: no_virus
AV CAT (quickheal): no_virus
AV VirusBlokAda (vba32): BScope.Malware-Cryptor.1212
AV Padvish: Malware.Trojan.Agent-273612
AV BullGuard: Gen:Trojan.Heur.Zbot.6
AV Arcabit (arcavir): Gen:Trojan.Heur.Zbot.6
AV ClamAV: Trojan.Agent-273612
AV Dr. Web: Trojan.Tenagour.9
AV F-Secure: Gen:Trojan.Heur.Zbot.6
AV CA (E-Trust Ino): Win32/Dofoil.A!generic

Runtime Details:

Process
↳ C:\malware.exe

Network Details:

