PE Compile Time

1992-06-20 01:22:17

PE Imphash

340b68d3badf5efdff83e99017a788db

Sections

Name   Virtual Address  Virtual Size  Size of Raw Data  Entropy
UPX0   0x00001000       0x00017000    0x00000000        0.0
UPX1   0x00018000       0x00008000    0x00007c00        7.8725935319
.rsrc  0x00020000       0x00001000    0x00000800        3.71378512545

Resources

Name           Offset      Size        Language      Sub-language            File type
RT_ICON        0x00020154  0x000002e8  LANG_SPANISH  SUBLANG_SPANISH_MODERN  Device independent bitmap graphic, 32 x 64 x 4, image size 512
RT_RCDATA      0x00012448  0x000000a8  LANG_NEUTRAL  SUBLANG_NEUTRAL         empty
RT_RCDATA      0x00012448  0x000000a8  LANG_NEUTRAL  SUBLANG_NEUTRAL         empty
RT_GROUP_ICON  0x00020440  0x00000014  LANG_SPANISH  SUBLANG_SPANISH_MODERN  data

Imports

Library advapi32.dll:
0x42051c RegCloseKey
Library KERNEL32.DLL:
0x420524 LoadLibraryA
0x420528 ExitProcess
0x42052c GetProcAddress
0x420530 VirtualProtect
Library mpr.dll:
0x420538 WNetAddConnection2A
Library oleaut32.dll:
0x420540 SysFreeString
Library shell32.dll:
0x420548 ShellExecuteA
Library URLMON.DLL:
0x420550 URLDownloadToFileA
Library user32.dll:
0x420558 CharNextA
Library wininet.dll:
Library wsock32.dll:
0x420568 send

Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Clean
Elastic malicious (moderate confidence)
ClamAV Win.Trojan.Delf-6717398-0
CMC Clean
CAT-QuickHeal Clean
Skyhigh BehavesLike.Win32.ExploitMydoom.cc
ALYac Generic.Malware.S!dld!.AF6ABF18
Cylance Unsafe
Zillya Backdoor.Delf.Win32.23289
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (D)
Alibaba Clean
K7GW Trojan ( 7000000f1 )
K7AntiVirus Trojan ( 7000000f1 )
huorong Backdoor/IRCBot.bk
Baidu Win32.Trojan.Delf.j
VirIT Trojan.Win32.GenBoT.DIC
Paloalto Clean
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 a variant of Win32/IRCBot.AZV
APEX Malicious
Avast Win32:MalwareX-gen [Bot]
Cynet Malicious (score: 100)
Kaspersky Backdoor.Win32.Delf.ars
BitDefender Generic.Malware.S!dld!.AF6ABF18
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Generic.Malware.S!dld!.AF6ABF18
Tencent Trojan.Win32.IRCbot.nrc
Sophos ML/PE-A
F-Secure Trojan.TR/Dldr.Delphi.Gen
DrWeb Win32.HLLW.Siggen.10562
VIPRE Generic.Malware.S!dld!.AF6ABF18
TrendMicro BKDR_MYDOOM.SMM
McAfeeD Real Protect-LS!F0FCB890D9D6
Trapmine malicious.moderate.ml.score
CTX exe.unknown.generic
Emsisoft Generic.Malware.S!dld!.AF6ABF18 (B)
Ikarus Backdoor.Win32.IRCBot
GData Win32.Trojan.PSE.14ORHP5
Jiangmin Backdoor/Delf.hxo
Webroot Clean
Varist W32/Delfloader.B.gen!Eldorado
Avira TR/Dldr.Delphi.Gen
Antiy-AVL Trojan[Backdoor]/Win32.Delf
Kingsoft malware.kb.b.1000
Gridinsoft Ransom.Win32.Zbot.oa!s2
Xcitium TrojWare.Win32.TrojanDownloader.Delf.gen@1xqow5
Arcabit Generic.Malware.S!dld!.AF6ABF18
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft PWS:Win32/Zbot!ml
Google Detected
AhnLab-V3 Backdoor/Win.Delf.R698830
Acronis suspicious
VBA32 BScope.Backdoor.Delf
TACHYON Clean
Malwarebytes Malware.AI.2695501458
Panda Trj/Genetic.gen
Zoner Clean
TrendMicro-HouseCall BKDR_MYDOOM.SMM
Rising Backdoor.Delf!8.780 (TFE:5:HCAsfwPAUr)
Yandex Backdoor.Delf!e4TDNUF5i5c
TrellixENS Exploit-Mydoom
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.121218.susgen
Fortinet W32/IRCBot.AZV!tr
AVG Win32:MalwareX-gen [Bot]
DeepInstinct MALICIOUS
alibabacloud Clean
IRMA Signature
Trend Micro SProtect (Linux) BKDR_MYDOOM.SMM
Avast Core Security (Linux) Win32:MalwareX-gen [Bot]
C4S ClamAV (Linux) YARA.UPX.UNOFFICIAL
Trellix (Linux) Exploit-Mydoom virus
Sophos Anti-Virus (Linux) Mal/Generic-S
Bitdefender Antivirus (Linux) Generic.Malware.S!dld!.AF6ABF18
G Data Antivirus (Windows) Virus: Generic.Malware.S!dld!.AF6ABF18 (Engine A)
WithSecure (Linux) Trojan.TR/Dldr.Delphi.Gen
ESET Security (Windows) a variant of Win32/IRCBot.AZV trojan
DrWeb Antivirus (Linux) Win32.HLLW.Siggen.10562
ClamAV (Linux) Win.Trojan.Delf-6717398-0
eScan Antivirus (Linux) Generic.Malware.S!dld!.AF6ABF18(DB)
Emsisoft Commandline Scanner (Windows) Generic.Malware.S!dld!.AF6ABF18 (B)
Cuckoo
