1992-06-20 01:22:17
da61abed004ddcddc72f0be493ef7af3
Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
---|---|---|---|---|
CODE | 0x00001000 | 0x00052838 | 0x00052a00 | 6.4830213418 |
DATA | 0x00054000 | 0x00001048 | 0x00001200 | 3.79298829115 |
BSS | 0x00056000 | 0x0000d589 | 0x00000000 | 0.0 |
.idata | 0x00064000 | 0x0000216e | 0x00002200 | 4.90198339668 |
.tls | 0x00067000 | 0x00000014 | 0x00000000 | 0.0 |
.rdata | 0x00068000 | 0x00000018 | 0x00000200 | 0.210826267787 |
.reloc | 0x00069000 | 0x000060c8 | 0x00006200 | 6.62558283372 |
.rsrc | 0x00070000 | 0x00009000 | 0x00009000 | 2.90445227795 |
Name | Offset | Size | Language | Sub-language | File type |
---|---|---|---|---|---|
RT_CURSOR | 0x0007104c | 0x00000134 | LANG_NEUTRAL | SUBLANG_NEUTRAL | Targa image data - RGB 64 x 65536 x 1 +32 "\001" |
RT_BITMAP | 0x000721e4 | 0x000001d0 | LANG_NEUTRAL | SUBLANG_NEUTRAL | Device independent bitmap graphic, 36 x 18 x 4, image size 360 |
RT_STRING | 0x0007401c | 0x000002d8 | LANG_NEUTRAL | SUBLANG_NEUTRAL | data |
RT_RCDATA | 0x00074c7c | 0x000001bc | LANG_NEUTRAL | SUBLANG_NEUTRAL | Delphi compiled form 'TFrmShowIp' |
RT_GROUP_CURSOR | 0x00074eb0 | 0x00000014 | LANG_NEUTRAL | SUBLANG_NEUTRAL | Lotus unknown worksheet or configuration, revision 0x1 |
Antivirus | Signature |
---|---|
Bkav | Clean |
Lionic | Trojan.Win32.Generic.4!c |
Elastic | malicious (high confidence) |
ClamAV | Clean |
CMC | Clean |
CAT-QuickHeal | Trojan.Ghanarava.162896927774e0f2 |
Skyhigh | Clean |
ALYac | Clean |
Cylance | Unsafe |
Zillya | Clean |
Sangfor | Trojan.Win32.Wacatac.C |
CrowdStrike | win/malicious_confidence_90% (D) |
Alibaba | Trojan:Win32/Generic.e3b850ce |
K7GW | Trojan ( 7000000f1 ) |
K7AntiVirus | Trojan ( 7000000f1 ) |
huorong | Clean |
Baidu | Clean |
VirIT | Clean |
Paloalto | generic.ml |
Symantec | ML.Attribute.HighConfidence |
tehtris | Clean |
ESET-NOD32 | Clean |
APEX | Malicious |
Avast | Win32:Crypt-SWW [Inf] |
Cynet | Clean |
Kaspersky | Clean |
BitDefender | Clean |
NANO-Antivirus | Trojan.Win32.TrjGen.iicjmv |
ViRobot | Clean |
MicroWorld-eScan | Clean |
Tencent | Clean |
Sophos | Generic ML PUA (PUA) |
F-Secure | Clean |
DrWeb | Trojan.Siggen6.53799 |
VIPRE | Clean |
TrendMicro | Clean |
Trapmine | Clean |
CTX | Clean |
Emsisoft | Clean |
Ikarus | Trojan.Crypt |
FireEye | Generic.mg.b582f9ff334ba6fa |
Jiangmin | Clean |
Webroot | W32.Malware.gen |
Varist | Clean |
Avira | Clean |
Fortinet | Clean |
Antiy-AVL | Trojan/Win32.Wacatac |
Kingsoft | Win32.Troj.Generic.a |
Gridinsoft | Clean |
Xcitium | Clean |
Arcabit | Clean |
SUPERAntiSpyware | Clean |
ZoneAlarm | Clean |
Microsoft | PWS:Win32/Zbot!ml |
AhnLab-V3 | Clean |
Acronis | Clean |
McAfee | Artemis!B582F9FF334B |
TACHYON | Clean |
VBA32 | Clean |
Malwarebytes | Generic.Malware/Suspicious |
Panda | Clean |
Zoner | Clean |
TrendMicro-HouseCall | Clean |
Rising | Trojan.Win32.Generic.191AA397 (C64:YzY0Ov7Tr942ZAcD) |
Yandex | Clean |
SentinelOne | Clean |
MaxSecure | Trojan.Malware.74474375.susgen |
GData | Clean |
AVG | Win32:Crypt-SWW [Inf] |
DeepInstinct | MALICIOUS |
alibabacloud | Clean |
IRMA | Signature |
---|---|
Trend Micro SProtect (Linux) | Clean |
Avast Core Security (Linux) | Win32:Crypt-SWW [Inf] |
C4S ClamAV (Linux) | Clean |
Trellix (Linux) | Clean |
Sophos Anti-Virus (Linux) | Mal/Generic-S |
Bitdefender Antivirus (Linux) | Clean |
G Data Antivirus (Windows) | Clean |
WithSecure (Linux) | Clean |
ESET Security (Windows) | Clean |
DrWeb Antivirus (Linux) | Trojan.Siggen6.53799 |
ClamAV (Linux) | Clean |
eScan Antivirus (Linux) | Clean |
Kaspersky Standard (Windows) | Clean |
Emsisoft Commandline Scanner (Windows) | Clean |