2013-06-12 15:49:36
c4c9ecfc26ca516a80b8f6f5b2bdb7e6
| Armadillo v1.xx - v2.xx |
| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| .text | 0x00001000 | 0x000003fc | 0x00000400 | 6.2387096366 |
| .rdata | 0x00002000 | 0x00000181 | 0x00000200 | 3.05451057753 |
| .data | 0x00003000 | 0x0000007c | 0x00000200 | 1.04901350379 |
| .reloc | 0x00004000 | 0x00000088 | 0x00000200 | 2.25304274476 |
| Ordinal | Address | Name |
|---|---|---|
| 1 | 0x10001193 | rundll32 |
| Antivirus | Signature |
|---|---|
| Bkav | W32.FamVT.DebrisA.Worm |
| Lionic | Clean |
| Elastic | malicious (high confidence) |
| ClamAV | Win.Adware.Downware-251 |
| CMC | Clean |
| CAT-QuickHeal | Trojan.Agent.WL |
| Skyhigh | BehavesLike.Win32.AndromedaDownloader.zt |
| ALYac | Gen:Variant.Barys.381598 |
| Cylance | Unsafe |
| Zillya | Worm.DebrisGen.Win32.11 |
| Sangfor | Suspicious.Win32.Save.a |
| CrowdStrike | win/malicious_confidence_100% (W) |
| Alibaba | Clean |
| K7GW | EmailWorm ( 0040f5281 ) |
| K7AntiVirus | EmailWorm ( 0040f5281 ) |
| huorong | HEUR:Worm/Gamarue.a |
| Baidu | Win32.Worm.Bundpil.y |
| VirIT | Worm.Win32.Generic.GRN |
| Paloalto | Clean |
| Symantec | Downloader.Dromedan |
| tehtris | Generic.Malware |
| ESET-NOD32 | Win32/Bundpil.AO |
| APEX | Malicious |
| Avast | Win32:Sg-I [Trj] |
| Cynet | Malicious (score: 100) |
| Kaspersky | Worm.Win32.Debris.b |
| BitDefender | Gen:Variant.Barys.381598 |
| NANO-Antivirus | Trojan.Win32.Debris.cqkxyu |
| ViRobot | Clean |
| MicroWorld-eScan | Gen:Variant.Barys.381598 |
| Tencent | Worm.Win32.Debris.c |
| Sophos | W32/Gamarue-BL |
| F-Secure | Worm.WORM/Gamarue.511265 |
| DrWeb | Trojan.MulDrop4.25343 |
| VIPRE | Gen:Variant.Barys.381598 |
| TrendMicro | WORM_GAMARUE.SML |
| McAfeeD | ti!94FEDE99C43C |
| Trapmine | Clean |
| CTX | dll.unknown.barys |
| Emsisoft | Gen:Variant.Barys.381598 (B) |
| Ikarus | Worm.Win32.Bundpil |
| GData | Win32.Worm.Bundpil.B |
| Jiangmin | Trojan/Generic.axdgt |
| Webroot | W32.Worm.Gen |
| Varist | W32/Csyr.B.gen!Eldorado |
| Avira | WORM/Gamarue.511265 |
| Antiy-AVL | Worm/Win32.Bundpil |
| Kingsoft | malware.kb.a.997 |
| Gridinsoft | Clean |
| Xcitium | Worm.Win32.Bundpil.AH@4yjufs |
| Arcabit | Trojan.Barys.D5D29E |
| SUPERAntiSpyware | Trojan.Agent/Gen-Crypt |
| ZoneAlarm | W32/Gamarue-BL |
| Microsoft | TrojanDownloader:Win32/Andromeda!pz |
| Detected | |
| AhnLab-V3 | Worm/Win32.Debris.R71328 |
| Acronis | Clean |
| VBA32 | Worm.Gamarue |
| TACHYON | Clean |
| Malwarebytes | Bundpil.Worm.AutoRun.DDS |
| Panda | Generic Malware |
| Zoner | Clean |
| TrendMicro-HouseCall | WORM_GAMARUE.SML |
| Rising | Worm.Gamarue!1.9CB3 (CLASSIC) |
| Yandex | Trojan.GenAsa!VJN5611Pa6Y |
| TrellixENS | W32/Worm-FJV!51C96649E579 |
| SentinelOne | Static AI - Malicious PE |
| MaxSecure | Worm.Debris.Gen |
| Fortinet | W32/Bundpil.AO!tr |
| AVG | Win32:Sg-I [Trj] |
| DeepInstinct | MALICIOUS |
| alibabacloud | Worm:Win/Bundpil.6ffcb9c8 |
| IRMA | Signature |
|---|---|
| Trend Micro SProtect (Linux) | WORM_GAMARUE.SML |
| Avast Core Security (Linux) | Win32:Sg-I [Trj] |
| C4S ClamAV (Linux) | Win.Adware.Downware-251 |
| Trellix (Linux) | W32/Worm-FJV |
| Sophos Anti-Virus (Linux) | W32/Gamarue-BL |
| Bitdefender Antivirus (Linux) | Gen:Variant.Barys.381598 |
| G Data Antivirus (Windows) | Virus: Gen:Variant.Barys.381598 (Engine A), Win32.Worm.Bundpil.B (Engine B) |
| WithSecure (Linux) | Worm.WORM/Gamarue.511265 |
| ESET Security (Windows) | Win32/Bundpil.AO worm |
| DrWeb Antivirus (Linux) | Trojan.MulDrop4.25343 |
| ClamAV (Linux) | Win.Adware.Downware-251 |
| eScan Antivirus (Linux) | Gen:Variant.Barys.381598(DB) |
| Kaspersky Standard (Windows) | Worm.Win32.Debris.b |
| Emsisoft Commandline Scanner (Windows) | Gen:Variant.Barys.381598 (B) |