Static Analysis

PE Compile Time

2006-03-02 19:50:37

PE Imphash

bc5994e55cbe4fadd0cc6ce15d753e0a

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
UPX0 0x00001000 0x00011000 0x00000000 0.0
UPX1 0x00012000 0x00009000 0x00008800 7.94386461403
UPX2 0x0001b000 0x00001000 0x00000200 3.31039001281

Imports

Library ADVAPI32.dll:
0x41b08c RegCloseKey
Library KERNEL32.DLL:
0x41b094 LoadLibraryA
0x41b098 ExitProcess
0x41b09c GetProcAddress
0x41b0a0 VirtualProtect
Library MPR.dll:
0x41b0a8 WNetOpenEnumA
Library SHELL32.dll:
0x41b0b0 ShellExecuteA
Library USER32.dll:
0x41b0b8 EnumWindows
Library WS2_32.dll:
0x41b0c0 gethostbyaddr
!This program cannot be run in DOS mode.
T.m1QGNm'
t>Yoe2
v|r!l
Ab!x<]
mdxjSkV
@y83tV,
N,vS>^6
U!2[7|
>8g%C8
0`t]lb
`_s4&&4
aw%"VO
!_nY1Jg
v2djdy
8)5##
L#R6l7
#~HgJt(}
m8GktK
4Y =@p
p49unH
[k(Q@|LL
{:AV[L\k@7
%m/riv6
B~%mt2#
Squ,OG
(hXJUPEy#
n_sm(~
:|six*
M22bP
nA7|'I
dA1UvY
>7[Y:`
Cu]O2Q
YH#K=81
pM!.:tw6
;\LnM>f
`W *S>
lM00]T2
9_/G h$
j}v@h'
5bcl8:z
1wCq%i
GF%Kg`
+}-8h,A
U^MU$c
rq-yzffhI/
rHy<o.
6/1ba>
[6`L}5
]Rlg{Z
T=]14!@
%>Y ^)
-6>L"}g}
X/ZQycp
@D5\o/
,75"lQ
2lq_%#0
(BA~U/
)w:A-^
1>\C7C
>ls]@w
^ynh*b
%X>1p-<
FlP-HY
FFSh1w
t$t#t$l
D$t#D$h
D$t+D$\
.)D$H)
s`)L$4
D$t+D$\
)D$H)
9l$\w_
XPTPSW
ADVAPI32.dll
KERNEL32.DLL
MPR.dll
SHELL32.dll
USER32.dll
WS2_32.dll
RegCloseKey
ExitProcess
GetProcAddress
LoadLibraryA
VirtualProtect
WNetOpenEnumA
ShellExecuteA
EnumWindows
8\2H##
`!?,U8
1A~{2B
'%4B>r
0nC0$W
5@.4623
aK%0E?/
c"VL<7O'
kkr'*=
x8Y.gw
6!i3};>
cZ."NF?
;]W97p
>Uc_V
{(Cj 5
>d=P?WRj
bPv<06
"~&Q0O
9"?Jw8lv
U+"Uz5
tw+2u/
Sv,V@n0-
EQ<2*q`
[xT?rP
GsR90>
,X>5|
$`8GtH;B
.Q1i`{=
*1EC]0
2g}a n+
%QcV=T
fI62<l4
6[kP98Z
|y7I9v
]X8x`=
55\8*~
wjw/n
3p0V!/
0St}"B
0xj~==>
1>Pc}<-
2Gz "B$
n4(Q--
$!)\mh2
7Z&y++s6'
<}~'ck[
(#p_{3
=TXB>`I=
6v*s$=
G}b2(
79+>[
3,,+&X*Z
"*@)7%
0#6vh5
(P1U:L,N+
(&>O"o
"Cz/&H
j-(4Er1"
r5K3$6B_
C5X,M Yk
8Eh)8
.*{)R#
[9PU8=
b%>&x'
V;wvP,x!
:NYb=?
.P:L?uo
w9z{. #
Ia0sn18
'*?1F
f(>Cd*
MnR3&i
/si6,:
<";jn/t`
f%W)F8.
!XJM=%w
(Y2c(<*8
;y+C/B
*s2(0*
t"no@9
.yt=3\
!1|>*n)
,,}6];
&68[a)'
6&{SX6
l!d>A"
er^(6I
B32t"9U
2rOY7)h
x#;Syl
V(!R0E%qa
&Xm{<?
r<}6mj
L*6CV)
K!70Z*
v&<!B17
ll(-/,
OhW?\&
<U<y$Xw
4586ys
E.>eV",0
y;+z{1
+\P56
;Cl(9r
G /eO-
{9O0y
3<|%G7
Zn*No;
oY=-(@1
>8kc?eH
;5=H</
'Q1p5"
o30C|.
N,=eA/*d
-}W]=l
377s:.
,5?'e:&
2Dwa797V
!/{N`
7("&-s
b!S>Op
"UK|'`X
;30yrq
>M0A2H
)7z\"fB
ScP3Z
P(gw-G
Yz >`}
q@8k5`
6&"]5'
42}TyM =
5*yP=[ Y)
Vy.@/
t<)^3n!KV
?,@!6=
<z2:HL+
/}7K%~}!
!-:z;P
t&e.Kg
o'ECV,
{!|Db=
.j^U:=
R2@$A2M
&l8&/s
/O/A94S
5#g'2)
!34<V4
>3%^&$8
No antivirus signatures available.
IRMA Signature
Trend Micro SProtect (Linux) Worm.Win32.SFONE.SM
Avast Core Security (Linux) Win32:MalwareX-gen [Wrm]
C4S ClamAV (Linux) Win.Malware.Bbabdcdc-7358314-0
Trellix (Linux) GenericRXKN-BX
Sophos Anti-Virus (Linux) W32/Sfone-A
Bitdefender Antivirus (Linux) Gen:Heur.Mint.Murphy.3
G Data Antivirus (Windows) Virus: Gen:Heur.Mint.Murphy.3 (Engine A), Win32.Worm.Sfone.B (Engine B)
WithSecure (Linux) Trojan.TR/Crypt.ULPM.Gen
ESET Security (Windows) Win32/Agent.CP worm
DrWeb Antivirus (Linux) Win32.HLLW.Siggen.1607
ClamAV (Linux) Win.Malware.Bbabdcdc-7358314-0
eScan Antivirus (Linux) Gen:Heur.Mint.Murphy.3(DB)
Kaspersky Standard (Windows) Worm.Win32.Agent.cp
Emsisoft Commandline Scanner (Windows) Gen:Heur.Mint.Murphy.3 (B)
Cuckoo

We're processing your submission... This could take a few seconds.