Analysis Date: 2015-12-28 05:10:32
MD5: a9b077a76b978bfb7a3252b8316911df
SHA1: ed6603e2b8e77f17b52d212154896dfa54a0a2a6

Static Details:

File type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Section: .text md5: 4a7f67d242216ffe46dafcf3c8962b91 sha1: b941d7e7af01e6e21b798f80f2a3e3de94148669 size: 34304
Section: .rdata md5: 65ecff0829f3c241c8ed1042997944a5 sha1: 530e4792783601ed46c53003221c6dd61da474d8 size: 512
Section: .data md5: 82ae0657a87278407da76e0d3e061e19 sha1: 84b04dbcd359a27192e46886c5ca66feb5096eac size: 20480
Section: .rsrc md5: f72933ef6832eb06e3040a98721c9d22 sha1: 4b0304e00a6cb0451e6489c501d50ba5070cff75 size: 8192
Timestamp: 2015-06-18 10:05:43
Pdb path: C:\Source\CPP\Trident\main.pdb
Version:
LegalCopyright: TV Show Europe Software©. All rights reserved.
FileVersion: 0.4
CompanyName: Periodic Dimension
LegalTrademarks: TV Show Europe Software©. 2015
Comments: TV Show Europe Software
ProductName: TV Show Europe Software
ProductVersion: 0.4.0.0
FileDescription: TV Show Europe Software
PEhash: d914cfb3551c6c5c7de97586f6289b1a97cf3cf2
IMPhash: d8b5b4bbe72f5887e582fef0e2dc6c4a
AV Symantec: Trojan.Gen
AV K7: Trojan ( 004d3a1f1 )
AV F-Secure: Trojan.GenericKD.2785164
AV Microsoft Security Essentials: TrojanDownloader:Win32/Upatre!rfn
AV BitDefender: Trojan.GenericKD.2785164
AV Kaspersky: Trojan-Downloader.Win32.Upatre.fbfq
AV CAT (quickheal): TrojanDownloader.Upatre.r4
AV ClamAV: no_virus
AV Eset (nod32): Win32/Kryptik.DZYN
AV Ad-Aware: Trojan.GenericKD.2785164
AV Zillya!: Downloader.Upatre.Win32.57855
AV Rising: no_virus
AV Mcafee: Upatre-FACY!A9B077A76B97
AV Fortinet: W32/Kryptik.EAZU!tr
AV CA (E-Trust Ino): no_virus
AV BullGuard: Trojan.GenericKD.2785164
AV Alwil (avast): SwPatch [Wrm]
AV Authentium: W32/Trojan.MFXF-4990
AV VirusBlokAda (vba32): no_virus
AV Ikarus: Trojan.Kryptik
AV Avira (antivir): TR/Upatre.jhygy
AV Grisoft (avg): Crypt_s.JMI
AV MalwareBytes: Trojan.Upatre
AV Trend Micro: TROJ_UP.886C385B
AV Frisk (f-prot): no_virus
AV Arcabit (arcavir): Trojan.GenericKD.2785164
AV MicroWorld (escan): Trojan.GenericKD.2785164
AV Emsisoft: Trojan.GenericKD.2785164
AV Twister: no_virus
AV Dr. Web: no_virus

Runtime Details:

Process
↳ C:\malware.exe

Network Details:

