Static Analysis

PE Compile Time

2011-06-14 22:01:16

PE Imphash

09d0478591d4f788cb3e5ea416c25237

PEiD Signatures

PECompact 2.xx --> BitSum Technologies

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x0002e000 0x0000c600 7.99627200377
.rsrc 0x0002f000 0x00002000 0x00002000 7.54769535734

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x0002e000 0x00000cd0 LANG_NEUTRAL SUBLANG_NEUTRAL empty
RT_GROUP_ICON 0x0002ecd0 0x00000014 LANG_NEUTRAL SUBLANG_NEUTRAL empty
RT_VERSION 0x0002ece8 0x000001f4 LANG_ENGLISH SUBLANG_ENGLISH_US empty

Imports

Library kernel32.dll:
0x42f0f0 LoadLibraryA
0x42f0f4 GetProcAddress
0x42f0f8 VirtualAlloc
0x42f0fc VirtualFree
PEC2^O
9_V|zEF
s=;zP_`
vvJr;t
2Ql5@x
XgvgH9xz$
I@Z~eU
dI`9#4
~5k+/m
_cHi(K
%nMf#C
PECompact2
A.M>E2L"
1@r4uI
;x!6 @
cHfG\a
?!3Z0w[
DlFp82Z
Z2Zln@U
|>]P]&
?'g>V+?!1
]y2?bz
s;dD.s
46|5/{
Q#|q8
1qm7-c
.#p(`-y
g~ 48@)
;pjnQeM
zLn|5c
VYG^6m
o/qGgI
t_sw"J
sjx"SL%]
^2V6O<6
n>cW9
8-/qrQ
`eQ'zK
@e{v`?qj
F\qdp
gPaf8@
SurnyWk
M>i&;
<3U0{z
f<>r*DxUA
*YG&_
"1OCui
O::BcVR
.OrJdj
!|TL?X^d
w|Bo>"(
)7NJuTa
":qseo0n.MP
3w3v12
|l_?k:
~ >N.u$
\FR j
Qy+@>D
0U\bJ{
\(Chx"
3]5OtCUR
2r3+0f
IbL+*j
Hjd}Al
VaZ8PM
m<Lf$`
O/GEFT
"S>B|-
hb-'5E
$"_!bJ
%7Rt:.
)#2_ksSV
ue1 )iN(
MqJWG=
=hf=:w|"
w,ecw'
`RW4D:
G9NpkhxP
1NtY1!
i4~3JW
~p[-F,
Ageem54
.9Gb6Eo
,ZYysN]
OwO_H
%@\*?[w#
sX5HQQ
vK?n2|g
#NMwrB
S3'I=
j@XZs7
TH8Z+V
Oxj{jA
[F,StK;
5gomftC
<G7St#
Kb5'*I
't`.Z1
Xin:;s
cZfGI+
kernel32.dll
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
-wUlF@
=aVctj
ZPY$[]
P/U(N#
aiA-_^W
(W!ncM>
I--$@H
zPeO:M
A#|x8Q@
2:&Zh
ms9vbu
licat@on eqr
p.The|g<cgd
SDLtG&5
cd,alw
Exi)tP
USQWVR
Z^_Y[]
Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Clean
Elastic malicious (high confidence)
ClamAV Win.Malware.Swisyn-6911464-0
CMC Clean
CAT-QuickHeal Clean
Skyhigh BehavesLike.Win32.Generic.kc
ALYac Trojan.Agent.EVKN
Cylance Unsafe
Zillya Trojan.Swisyn.Win32.35153
Sangfor Suspicious.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (D)
Alibaba Clean
K7GW Trojan ( 00092db21 )
K7AntiVirus Trojan ( 00092db21 )
huorong Trojan/Agent.w
Baidu Clean
VirIT Trojan.Win32.GenX.AD
Paloalto Clean
Symantec W32.Gosys
tehtris Clean
ESET-NOD32 Win32/VB.OSK
APEX Malicious
Avast Win32:Evo-gen [Trj]
Cynet Malicious (score: 100)
Kaspersky Trojan.Win32.Swisyn.bner
BitDefender Trojan.Agent.EVKN
NANO-Antivirus Trojan.Win32.Swisyn.fouerd
ViRobot Clean
MicroWorld-eScan Trojan.Agent.EVKN
Tencent Trojan.Win32.Swisyn.ca
Sophos Troj/VB-JVT
F-Secure Trojan.TR/Crypt.XPACK.Gen
DrWeb Trojan.Siggen6.54687
VIPRE Trojan.Agent.EVKN
TrendMicro Clean
McAfeeD Real Protect-LS!2C94880E7D58
Trapmine malicious.high.ml.score
CTX exe.trojan.evkn
Emsisoft Trojan.Agent.EVKN (B)
Ikarus Trojan.Win32.Delf
GData Win32.Trojan.PSE.1249DSV
Jiangmin Trojan/PSW.Lmir.dah
Webroot W32.Trojan.Gen
Varist W32/Trojan.CPXN-1141
Avira TR/Crypt.XPACK.Gen
Antiy-AVL Trojan/Win32.Swisyn
Kingsoft malware.kb.a.1000
Gridinsoft Ransom.Win32.Zbot.oa!s1
Xcitium TrojWare.Win32.Trojan.XPACK.Gen@2ho5ur
Arcabit Trojan.Agent.EVKN
SUPERAntiSpyware Clean
ZoneAlarm Troj/VB-JVT
Microsoft PWS:Win32/Zbot!ml
Google Detected
AhnLab-V3 Trojan/Win32.Swisyn.R262946
Acronis suspicious
VBA32 Trojan.VB.01049
TACHYON Clean
Malwarebytes Generic.Malware.AI.DDS
Panda Trj/Genetic.gen
Zoner Clean
TrendMicro-HouseCall Clean
Rising Trojan.VB!8.B20 (TFE:3:Br4o3idVygG)
Yandex Trojan.Swisyn!C8tYl9Z9HEk
TrellixENS W32/Swisyn.ag
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/VB.QOT!tr
AVG Win32:Evo-gen [Trj]
DeepInstinct MALICIOUS
alibabacloud Trojan:MSOffice/Swisyn.58aab74d
IRMA Signature
Trend Micro SProtect (Linux) Clean
Avast Core Security (Linux) Win32:Evo-gen [Trj]
C4S ClamAV (Linux) Win.Malware.Swisyn-6911464-0
Trellix (Linux) W32/Swisyn.ag virus
Sophos Anti-Virus (Linux) Troj/VB-JVT
Bitdefender Antivirus (Linux) Trojan.Agent.EVKN
G Data Antivirus (Windows) Virus: Trojan.Agent.EVKN (Engine A)
WithSecure (Linux) Trojan.TR/Crypt.XPACK.Gen
ESET Security (Windows) Win32/VB.OSK trojan
DrWeb Antivirus (Linux) Trojan.Siggen6.54687
ClamAV (Linux) Win.Malware.Swisyn-6911464-0
eScan Antivirus (Linux) Trojan.Agent.EVKN(DB)
Kaspersky Standard (Windows) Trojan.Win32.Swisyn.bner
Emsisoft Commandline Scanner (Windows) Trojan.Agent.EVKN (B)
Cuckoo

We're processing your submission... This could take a few seconds.