PE Compile Time

2012-12-26 15:55:05

PE Imphash

5b4e734e734027217722fe4eb0093f3d

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.MPRESS1 0x00001000 0x00017000 0x00007a00 7.99204052483
.MPRESS2 0x00018000 0x00000c6e 0x00000e00 5.61324899616
.rsrc 0x00019000 0x00000090 0x00000200 0.625324970383

Resources

Name Offset Size Language Sub-language File type
DAT 0x00015490 0x00001600 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
DAT 0x00015490 0x00001600 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty

Imports

Library KERNEL32.DLL:
0x418064 GetModuleHandleA
0x418068 GetProcAddress
Library ADVAPI32.dll:
0x418070 FreeSid
Library SHELL32.dll:
0x418078 None
Library WININET.dll:
0x418080 InternetOpenA

Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Clean
Elastic malicious (high confidence)
ClamAV Win.Malware.Scar-6745903-0
CMC Clean
CAT-QuickHeal Trojan.GenericPMF.S22363690
Skyhigh BehavesLike.Win32.Ursnif.qc
ALYac Gen:Trojan.Heur.GM.01C0010402
Cylance Unsafe
Zillya Trojan.Scar.Win32.144767
Sangfor Suspicious.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (D)
Alibaba Clean
K7GW Trojan ( 0054e5911 )
K7AntiVirus Trojan ( 0054e5911 )
huorong Trojan/Diofopi.a
Baidu Win32.Trojan.Shyape.a
VirIT Trojan.Win32.AgentT.DZDC
Paloalto Clean
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 a variant of Win32/Shyape.G
APEX Malicious
Avast Win32:Trojan-gen
Cynet Malicious (score: 100)
Kaspersky Trojan.Win32.Scar.okdf
BitDefender Gen:Trojan.Heur.GM.01C0010402
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Gen:Trojan.Heur.GM.01C0010402
Tencent Trojan.Win32.Scar.wb
Sophos Troj/Kelihos-BS
F-Secure Trojan.TR/Dropper.Gen
DrWeb Trojan.DownLoad3.19306
VIPRE Gen:Trojan.Heur.GM.01C0010402
TrendMicro BKDR_DIOFOPI.SM
Trapmine malicious.high.ml.score
CTX exe.trojan.generic
Emsisoft Gen:Trojan.Heur.GM.01C0010402 (B)
Ikarus Trojan.Win32.Scar
GData Gen:Trojan.Heur.GM.01C0010402
Jiangmin Unsafe.PE.in
Webroot W32.Trojan.Gen
Varist W32/Shyape.E.gen!Eldorado
Avira TR/Dropper.Gen
Antiy-AVL Trojan/Win32.Shyape
Kingsoft malware.kb.b.999
Gridinsoft Trojan.Win32.Agent.oa!s1
Xcitium TrojWare.Win32.Shyape.Z@83gos3
Arcabit Trojan.Heur.GM.01C0010402
SUPERAntiSpyware Clean
ZoneAlarm Troj/Kelihos-BS
Microsoft Trojan:Win32/Sakurel!pz
Google Detected
AhnLab-V3 Trojan/RL.Scar.R257359
Acronis suspicious
McAfee Trojan-FRKD!4BBCE43A10C7
TACHYON Clean
VBA32 Trojan.Scar
Malwarebytes Generic.Malware.AI.DDS
Panda Trj/Genetic.gen
Zoner Clean
TrendMicro-HouseCall BKDR_DIOFOPI.SM
Rising Backdoor.FFRat!1.A74F (CLASSIC)
Yandex Trojan.GenAsa!+L+LGuwwhOg
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/Shyape.Z!tr
AVG Win32:Trojan-gen
DeepInstinct MALICIOUS
alibabacloud Trojan:Win/Diofopi.1b7920b3

IRMA Signature
Trend Micro SProtect (Linux) BKDR_DIOFOPI.SM
Avast Core Security (Linux) Win32:Trojan-gen
C4S ClamAV (Linux) Win.Malware.Scar-6745903-0
Trellix (Linux) Trojan-FRKD
Sophos Anti-Virus (Linux) Troj/Kelihos-BS
Bitdefender Antivirus (Linux) Gen:Trojan.Heur.GM.01C0010402
G Data Antivirus (Windows) Virus: Gen:Trojan.Heur.GM.01C0010402 (Engine A)
WithSecure (Linux) Trojan.TR/Dropper.Gen
ESET Security (Windows) a variant of Win32/Shyape.G trojan
DrWeb Antivirus (Linux) Trojan.DownLoad3.19306
ClamAV (Linux) Win.Malware.Scar-6745903-0
eScan Antivirus (Linux) Gen:Trojan.Heur.GM.01C0010402(DB)
Kaspersky Standard (Windows) Trojan.Win32.Scar.okdf
Emsisoft Commandline Scanner (Windows) Gen:Trojan.Heur.GM.01C0010402 (B)