Static Analysis

PE Compile Time

2010-11-05 22:30:50

PE Imphash

0f44bf2b3b0b8d5ecae5689ff1d0e90d

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x0001dbf8 0x0001dc00 7.24861216365
.reloc 0x0001f000 0x00000178 0x00000200 0.973850921236

Imports

Library KERNEL32.dll:
0x10001000 CreateProcessA
0x10001004 CloseHandle
0x10001008 WriteFile
0x1000100c CreateFileA
0x10001010 GetTickCount
0x10001014 lstrcpyA
0x10001018 lstrcatA
0x1000101c lstrlenA
0x10001020 GetTempPathA
0x10001024 SetErrorMode
Library USER32.dll:
0x1000102c wsprintfA
!This program cannot be run in DOS mode.
Rich1`
.reloc
kOH<T/
6m/qQn-
:PSs7+I/]
/xH(*6*B
i>W{&{k
V_rp@b
&]vc{A<
9R~QHH
FH\aR7)F
11=-q{
Lu!7XY
cD@uQiU<
oG^LY8
}'~B}*bC_gl
VFbPyH
ah7Ry-6
Gux+eeQ
Z`zdSW
6{p~=(
T=3u}
%ZMr6s
MR"G*4
jqn>w[+
]0K_8j
LBVarV
>q<BK?
cfYmp@Q
'o]ultdZ
3V&Ub/q
4TjRYgg
})BEy)
_,/)d]
c9rQ0
fiNhFb
bUhdn'y
'`ippD
t@VVbm
X|'Z4l
VlxwIC
qQM^{'
F/ r[c
4@P:*Y
Hz,2yB4
!l6D%$U
Kg^Fg5
8U*>|)
SE;g`{
[S|\zL
bK]Jx
'RG-=m]
A=_^>=
35Ckb!
7/'*w#
Qm4xtC
X7u0Um
=zC^Bh
e:6RP^
"Yh"nmt
By*]-/
tkOB5D
b0rTeFC
:juuST
L(}n;
~C-i?
]HGqfH
Yi)iuV
E\6Qw*
Jx-{\#
8@_ZEa
72QV:V
3UZrTD
jQ,s:1
qB}=^g
:>?_(q6
m=r`!i
prp?4A}
BmTh-=1
Kilj&C
PX!0B|
ewZ~N!M
_b%VD5
}h5W$$
_@&9]W|
%v%l]8
WDPRd\5s
1e`!87
cYMG\{
?}o#]V73M
EW[p@p(k
'b[O)l
K9^\I5
`cs_\q
O[t)vy
lz:m0R
i39:I~
!Gq%w
uvv]5d
q~!=o1\
nHrw+w
bim-AyH?
f|(pjO0
2W"Q8D
l{yKF;s
$Bg7u}
xQ/mW]$
(GtsgE[F9
WOpv-E)
+MAUo.
-bGhT%
.2pHt,{
d8`*<?
<6]fFT
BT8?\Ul
);xw|^l
rPjEC7Yb
Q?I8-
f_kxN.
cf,R{6f
)Ifn$<
o#`^kk
W^WO1Q
a.!tO6
<jX'oL2<
9gQ0Ii
2xnHkf
sA~[GCWvp"
@cvS@M
?,6g+J*o
Her(9]
ANu}*k
P3iEh2
`NfDD&
fF1C:A
N;A;ny
ywUfJvx
c K1`
71rr5
)~91ML
{p4gY
"~l K#(
96gpeS
EeSMWx%
2d/p?b.g
Gv)54|
^xXAo*
y90s)!
&Sq\A!qd
Z={J6$
ucM#Vr
nVvhBJ
V/]E)y
)j`t"T
s^Jdv
?o==nd
%x.exe
%x.exe
RkeVk9!
CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetTickCount
lstrcpyA
lstrcatA
lstrlenA
GetTempPathA
SetErrorMode
KERNEL32.dll
wsprintfA
USER32.dll
8'858@8M8s8
Antivirus Signature
Bkav Clean
Lionic Clean
Elastic Windows.Generic.Threat
ClamAV Win.Trojan.Crypt-6607
CMC Clean
CAT-QuickHeal TrojanDropper.Sality.U
Skyhigh BehavesLike.Win32.Vundo.cc
ALYac Clean
Cylance Unsafe
Zillya Virus.Salpack.Win32.2
Sangfor Suspicious.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (W)
Alibaba Clean
K7GW Trojan ( 002261711 )
K7AntiVirus Trojan ( 002261711 )
huorong TrojanDownloader/Sality
Baidu Win32.Trojan.Sality.o
VirIT Win32.Salpack.GEN
Paloalto Clean
Symantec Trojan.Dropper
tehtris Clean
ESET-NOD32 Win32/Sality.NBJ
APEX Malicious
Avast Win32:Sality-GR
Cynet Malicious (score: 100)
Kaspersky Packed.Win32.Salpack.e
BitDefender Dropped:Win32.Sality.3
NANO-Antivirus Trojan.Win32.MlwGen.imceu
ViRobot Trojan.Win32.SalityPacked.A
MicroWorld-eScan Dropped:Win32.Sality.3
Tencent Trojan.Win32.Kryptik.kav
Sophos Mal/EncPk-XK
F-Secure Trojan.TR/Crypt.XPACK.Gen
DrWeb Trojan.Siggen6.33094
VIPRE Dropped:Win32.Sality.3
TrendMicro TROJ_SALITY.SM
McAfeeD Real Protect-LS!C245F51528A0
Trapmine malicious.high.ml.score
CTX dll.unknown.dropped
Emsisoft Dropped:Win32.Sality.3 (B)
Ikarus Virus.Win32.Heur
GData Dropped:Win32.Sality.3
Jiangmin Trojan/Vilsel.sap
Webroot W32.Sality.Gen
Varist W32/Sality.AM
Avira TR/Crypt.XPACK.Gen
Antiy-AVL Trojan[Packed]/Win32.Salpack.e
Kingsoft Win32.Agent.ts.123392
Gridinsoft Clean
Xcitium Virus.Win32.Sality.NBJ@1qvbe9
Arcabit Win32.Sality.3
SUPERAntiSpyware Virus.Agent/Gen-Sality
ZoneAlarm Mal/EncPk-XK
Microsoft TrojanDropper:Win32/Sality.AU
Google Detected
AhnLab-V3 Trojan/Win32.Vilsel.R4491
Acronis Clean
VBA32 Virus.Win32.Sality.bakb
TACHYON Clean
Malwarebytes Generic.Malware.AI.DDS
Panda W32/Sality.AK.drp
Zoner Clean
TrendMicro-HouseCall TROJ_SALITY.SM
Rising Virus.Sality!1.BD1F (CLASSIC)
Yandex Trojan.GenAsa!l3v8WlX8bdw
TrellixENS W32/Sality.ay
SentinelOne Static AI - Malicious PE
MaxSecure Clean
Fortinet W32/Kryptik.VKL!tr
AVG Win32:Sality-GR
DeepInstinct MALICIOUS
alibabacloud Virtool:Win/Salpack.1b006b56
IRMA Signature
Trend Micro SProtect (Linux) TROJ_SALITY.SM
Avast Core Security (Linux) Win32:Sality-GR
C4S ClamAV (Linux) Win.Trojan.Crypt-6607
Trellix (Linux) W32/Sality.ay virus
Sophos Anti-Virus (Linux) Mal/EncPk-XK
Bitdefender Antivirus (Linux) Dropped:Win32.Sality.3
G Data Antivirus (Windows) Virus: Dropped:Win32.Sality.3 (Engine A)
WithSecure (Linux) Trojan.TR/Crypt.XPACK.Gen
ESET Security (Windows) Win32/Sality.NBJ virus
DrWeb Antivirus (Linux) Trojan.Siggen6.33094
ClamAV (Linux) Win.Trojan.Crypt-6607
eScan Antivirus (Linux) Dropped:Win32.Sality.3(DB)
Kaspersky Standard (Windows) Packed.Win32.Salpack.e
Emsisoft Commandline Scanner (Windows) Dropped:Win32.Sality.3 (B)
Cuckoo

We're processing your submission... This could take a few seconds.