Analysis Date: 2015-10-07 20:52:42
MD5: c1e153e3ba05d410f2658ae64b23c909
SHA1: f92b8b19a3e6bcc0afd8dfbb98f15150636587ed

Static Details:

File type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Section .text: md5: 0c33acacc73c33a78503058a5ddd21fe sha1: 2272ee9d97ea659dc7acfed1ddfbfb061fa43ce4 size: 183808
Section .rdata: md5: ca01cd1c001d51ec0c806bb444b77823 sha1: 924f031f3c7c12d2018dae1b9f43c0761874fcbb size: 2048
Section .data: md5: 57e500c535048eb6b5d097362c61d954 sha1: 2d17a907fa11d6b5e42c58b5ba9437d6fca47884 size: 123392
Section .rsrc: md5: a54f31b8dbdff8ef357a82aba6f34187 sha1: 93a922888a84ec8f1aa83bd744b14ed8048df5b4 size: 5120
Timestamp: 1970-01-04 23:06:04
PEhash: 3db9941df823bdf664e8e7dc8d1aaeaac1ce43e4
IMPhash: 3fd0fd2ceb1ea25d2b29c841dadb1c75
AV CA (E-Trust Ino): Win32/Diple.A!generic
AV Rising: Trojan.FakeAV!49B1
AV Mcafee: Generic FakeAlert.amb
AV Avira (antivir): TR/FakeAV.btxt.7
AV Twister: Trojan.558BEC81C4DCFAFFF.mg
AV Ad-Aware: Gen:Heur.Cridex.2
AV Alwil (avast): MalOb-FY [Cryp]
AV Eset (nod32): Win32/Kryptik.MAP
AV Grisoft (avg): FakeAlert.AAO
AV Symantec: Trojan.FakeAV!gen39
AV Fortinet: W32/FakeAlert.AMB!tr
AV BitDefender: Gen:Heur.Cridex.2
AV K7: Trojan ( 001e60c61 )
AV Microsoft Security Essentials: Rogue:Win32/Winwebsec
AV MicroWorld (escan): Gen:Heur.Cridex.2
AV MalwareBytes: Trojan.Agent
AV Authentium: W32/FakeAlert.LY.gen!Eldorado
AV Frisk (f-prot): W32/FakeAlert.LY.gen!Eldorado
AV Ikarus: Trojan.Win32.Pakes
AV Emsisoft: Gen:Heur.Cridex.2
AV Zillya!: Trojan.FakeAV.Win32.77386
AV Kaspersky: Trojan.Win32.FakeAV.btxt
AV Trend Micro: TROJ_FAKEAV.SMID
AV CAT (quickheal): FraudTool.Security
AV VirusBlokAda (vba32): Trojan.FakeAV
AV Padvish: no_virus
AV BullGuard: Gen:Heur.Cridex.2
AV Arcabit (arcavir): Gen:Heur.Cridex.2
AV ClamAV: Trojan.FakeAV-5363
AV Dr. Web: Trojan.Fakealert.20556
AV F-Secure: Gen:Heur.Cridex.2

Runtime Details:

Process
↳ C:\malware.exe

Creates File: C:\Documents and Settings\All Users\Application Data\hPcLfEfNkAl05606\hPcLfEfNkAl05606.exe
Creates File: C:\f92b8b19a3e6bcc0afd8dfbb98f15150636587ed
Creates Mutex: Don't stop me! I need some money!

Network Details:
