Analysis Date: 2015-08-22 11:06:25
MD5: 0b4a59b8cfaee4203f9fb3e25398a4da
SHA1: df30dac3331ad43878ddeb280bf094495921d1e1

Static Details:

File type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Section.text md5: 95777e081932a116b11ec17bb5a8707d sha1: 034c8cfb9edc6e8d30ed74048efd65455bd36c2e size: 68096
Section.rdata md5: 7aef09ac80fd5d01fd19d7538f798e8f sha1: 3821e3e53eea2e01c691327e2ba5f1a2bf090ec0 size: 27136
Section.data md5: 210f650257110db14b8aa08adc2b4257 sha1: 68d91cd5ee4b42e3c62a60dcbac9409230b9a453 size: 17920
Section.tls md5: bf619eac0cdf3f68d496ea9344137e8b sha1: 5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5 size: 512
Section.rsrc md5: 3fdfa2d2bfc409c3968719ee1fa4a244 sha1: 5781cb558430bd9284da1c69cc67bcf0b07c795a size: 512
Section.reloc md5: 8b45a6dc334d1f63464ed5ee0daeb35f sha1: 4218c78f1e1d1da6a3e75be20e61245655153819 size: 6656
Timestamp: 2011-01-27 18:07:48
Packer: Microsoft Visual C++ ?.?
PEhash: 07b835bedcb2195232d2b19d94ac5a619bc3c21e
IMPhash: e3f1801c70d2a575cf32578f0860dd78
AV CA (E-Trust Ino): Win32/Tnega.XAXD!suspicious
AV F-Secure: Trojan.Foreign.1
AV Dr. Web: no_virus
AV ClamAV: Win.Trojan.Agent-809909
AV Arcabit (arcavir): Trojan.Foreign.1
AV BullGuard: Trojan.Foreign.1
AV Padvish: no_virus
AV VirusBlokAda (vba32): no_virus
AV CAT (quickheal): TrojanPWS.Zbot.A5
AV Trend Micro: no_virus
AV Kaspersky: Trojan.Win32.Generic
AV Zillya!: Downloader.Wauchos.Win32.1779
AV Emsisoft: Trojan.Foreign.1
AV Ikarus: Trojan-Downloader.Wauchos
AV Frisk (f-prot): no_virus
AV Authentium: no_virus
AV MalwareBytes: Trojan.Agent.ED
AV MicroWorld (escan): Trojan.Foreign.1
AV Microsoft Security Essentials: Worm:Win32/Gamarue!rfn
AV K7: Trojan-Downloader ( 0039179f1 )
AV BitDefender: Trojan.Foreign.1
AV Fortinet: W32/Wauchos.A!tr.dldr
AV Symantec: Trojan.Gen
AV Grisoft (avg): Downloader.Small.KUT
AV Eset (nod32): Win32/TrojanDownloader.Wauchos.A
AV Alwil (avast): Malware-gen:Win32:Malware-gen
AV Ad-Aware: Trojan.Foreign.1
AV Twister: Trojan.Generic.revs
AV Avira (antivir): TR/Dldr.Wauchos.A.77
AV Mcafee: Generic-FAVF!0B4A59B8CFAE
AV Rising: no_virus

Runtime Details:

Process
↳ C:\malware.exe

Creates Mutex: VideoRenderer

Network Details:
