Static Analysis

PE Compile Time

1970-01-01 03:00:00

PE Imphash

52d5086abc1dabd2119b92104f1111a0

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
UPX0 0x00001000 0x00070000 0x00000000 0.0
UPX1 0x00071000 0x0001f000 0x0001ee00 5.78854085317
UPX2 0x00090000 0x00001000 0x00000200 2.09537671816

Imports

Library KERNEL32.DLL:
0x490050 LoadLibraryA
0x490054 ExitProcess
0x490058 GetProcAddress
0x49005c VirtualProtect
Library oleaut32.dll:
0x490064 SysFreeString
Library user32.dll:
0x49006c MessageBoxA
!This program cannot be run in DOS mode.
KERNEL32.DLL
oleaut32.dll
user32.dll
ExitProcess
GetProcAddress
LoadLibraryA
VirtualProtect
SysFreeString
MessageBoxA
No antivirus signatures available.
IRMA Signature
Trend Micro SProtect (Linux) Clean
Avast Core Security (Linux) Win32:Evo-gen [Trj]
C4S ClamAV (Linux) Clean
Trellix (Linux) Clean
Sophos Anti-Virus (Linux) Mal/HckPk-A
Bitdefender Antivirus (Linux) Gen:Variant.Razy.430271
G Data Antivirus (Windows) Virus: Gen:Variant.Razy.430271 (Engine A)
WithSecure (Linux) Heuristic.HEUR/AGEN.1333567
ESET Security (Windows) a variant of Win32/Kryptik.HYWV trojan
DrWeb Antivirus (Linux) Clean
ClamAV (Linux) Clean
eScan Antivirus (Linux) Gen:Variant.Razy.430271(DB)
Emsisoft Commandline Scanner (Windows) Gen:Variant.Razy.430271 (B)
Cuckoo

We're processing your submission... This could take a few seconds.