Static Analysis

PE Compile Time

2012-12-26 15:55:05

PE Imphash

5b4e734e734027217722fe4eb0093f3d

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.MPRESS1 0x00001000 0x00017000 0x00007a00 7.99204052483
.MPRESS2 0x00018000 0x00000c6e 0x00000e00 5.61324899616
.rsrc 0x00019000 0x00000090 0x00000200 0.658100252318

Resources

Name Offset Size Language Sub-language File type
DAT 0x00015490 0x00001600 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty
DAT 0x00015490 0x00001600 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED empty

Imports

Library KERNEL32.DLL:
0x418064 GetModuleHandleA
0x418068 GetProcAddress
Library ADVAPI32.dll:
0x418070 FreeSid
Library SHELL32.dll:
0x418078 None
Library WININET.dll:
0x418080 InternetOpenA
.MPRESS1
.MPRESS2n
WMo1=Q5
h*[[
I++T5fGH
Z|o;Yn.
-QKNI#Z
G3Z-ev
`*K,3Y
*Pah 0
u9XK1S
*jbQ=Na
/q|qMX6)
Al^p.-
8aOV{\8
m^<hD
?o8Re>I'~
.^"gEc
~@c\aVp`lD
y]B4uagd:
A:)xm*
r7;O94
nty/6_
qP|c@B#]\J{
&0;71?
vn2;qn
I6vLGU
vP]ghU
y@o<;C'm
;a;,Kr
:@?6O+[
q(LY<:
!~&|FE
4u_TYk
~NuzSE
RX0h="
,!|fOQ
g J&m0C
9,a]^Op
~<fB1l
LBf7(7,
hN13ou1
0@}U'1fK1
'KNZu-
lyfo`4
2jf0sUn
x*q5%S
^VWqn"
#|[<}s
[='UKt
oF%7;d
F^kAjB
BL'@?zst
yIK5x9T
H5Uo>N
g ~kV(@
YTK`$#
V;GH `
C%X\LBxQ8
-^0,DKP
Xh6'My,%
#,[y2|-
Dhr}<`
F@GE{8
50st/1
3]\xa`
(h\i0*$g
U~M#;~(
x"/W'(
$#AqgI
j@994$
$@bhzV
Kh_mtt
m'V1%d'*
Hbh!%8d
"n_)]2O
gS^jc/+E||A
z*{=a)z
Z@kz3
5DU(#V
1#:cP)+
Bvw'?:5]
;)*h<i.
h}oT%e
O/P:]d
i.IA]@hF9
MOJTIWEN75
GetModuleHandleA
GetProcAddress
KERNEL32.DLL
ADVAPI32.dll
FreeSid
SHELL32.dll
WININET.dll
InternetOpenA
t$t#t$l
D$t#D$h
D$t+D$\
.)D$H+
s`)L$4
D$t+D$\
)D$H+
9l$\w`
5.mf6*,
8GTlT|\8<
o,D8j'R
,<AZ{A
]$!grX
|21Pa11
u5>N'R`!
L5bRx=
No antivirus signatures available.
IRMA Signature
Trend Micro SProtect (Linux) Clean
Avast Core Security (Linux) Win32:Trojan-gen
C4S ClamAV (Linux) Win.Malware.Scar-6745903-0
Trellix (Linux) Trojan-FRKD
Sophos Anti-Virus (Linux) Troj/Kelihos-BS
Bitdefender Antivirus (Linux) Gen:Trojan.Heur.GM.01C0010402
G Data Antivirus (Windows) Virus: Gen:Trojan.Heur.GM.01C0010402 (Engine A)
WithSecure (Linux) Trojan.TR/Dropper.Gen
ESET Security (Windows) a variant of Win32/Shyape.G trojan
DrWeb Antivirus (Linux) Trojan.DownLoad3.19306
ClamAV (Linux) Win.Malware.Scar-6745903-0
eScan Antivirus (Linux) Gen:Trojan.Heur.GM.01C0010402(DB)
Kaspersky Standard (Windows) Trojan.Win32.Scar.okdf
Emsisoft Commandline Scanner (Windows) Gen:Trojan.Heur.GM.01C0010402 (B)
Cuckoo

We're processing your submission... This could take a few seconds.