Cuckoo Sandbox

PE Compile Time

2012-07-26 21:49:30

PE Imphash

bf149b4da46d99d320ea5ac7ca03871d

Sections

Name	Virtual Address	Virtual Size	Size of Raw Data	Entropy
UPX0	0x00001000	0x00017000	0x00000000	0.0
UPX1	0x00018000	0x0000e000	0x0000d400	7.96809926025
UPX2	0x00026000	0x00001000	0x00000200	2.01025006357

Imports

Library ADVAPI32.dll:

• 0x42603c RegOpenKeyA

Library KERNEL32.DLL:

• 0x426044 LoadLibraryA

• 0x426048 ExitProcess

• 0x42604c GetProcAddress

• 0x426050 VirtualProtect

!This program cannot be run in DOS mode.
1xL\1h
]1#hcw
[$fDP2
j)3~'H
}9e{GNWl
rB-fq|
okEabJ
=5meu_
L,0DL 
rD-R@,
EHq?@e
qHudyT{
"FM6,36p
 4Nxn}
S8+p5"
VC(ryi
:v2wcot4
qAnkIb
RBv=e9E
bEk/e=
e &&pS
lj;ZdD
uQY~>H
iO_C|,~
ZAA%sR
k/a{##
)mm#Ob
4W9s J~
fY|(6S
1^>CGP
p<7x}A
XttnBfO
/z=c$G
"r,l\S
:UQ1r}
@GG5jy
(Sw^cm
&'?=gS
9u3(^X
7;{cXP:
?x;zS)
h&8|\M
*bX\_c=
xR=+\G
RcDf|4
I~9tj|
bU|V(Q
&<4nZM
E7A7_V
Fvl.1\
o 7+^^
Ick11U
ktq]L0
KQ*dJP
%/=,]B
4&3U<a
b76u5}/
K!0K@h
2yg/Nm
LEmc12
ZqhV)u
0,B*|e
3'}xTm
pke[ 0_
cZn)g"
FF::p1+
;Ptxnb
"L89C=c
6},A+v
wOUH<7
M+e/]2
!?\+sW
~zq/$v
Y|#,m
8&la@,
luGW"7
Bl8nC[-
C0YY1>
3c*1-X
H$q(AE
O9Hbr{
e}a3BJ
$\#upz
2T'&|5
|USS&;E
O*1g_o
Pycj}k=
1$A'5JnUY
g*(8WF2
k}0tj&
P>XT?B
D(!7;6
e0I<"|
!-|I!w+
Nn`4'p
EuNN[G
H6hN&M
{%-iiM#n
m^SPwz
tl'A2D
nFSj;W
FFShg 
t$t#t$l
D$t#D$h
D$t+D$\
.)D$H)
s`)L$4
D$t+D$\
)D$H)
9l$\w_
XPTPSW
ADVAPI32.dll
KERNEL32.DLL
RegOpenKeyA
ExitProcess
GetProcAddress
LoadLibraryA
VirtualProtect

No antivirus signatures available.

IRMA	Signature
Trend Micro SProtect (Linux)	TrojanSpy.Win32.KEYDOOR.SM
Avast Core Security (Linux)	Win32:MalwareX-gen [Bd]
C4S ClamAV (Linux)	Win.Spyware.Dacic-10032147-0
Trellix (Linux)	GenericRXKA-VV
Sophos Anti-Virus (Linux)	Mal/Behav-031
Bitdefender Antivirus (Linux)	Generic.Dacic.222C339A.A.B34E8ED8
G Data Antivirus (Windows)	Virus: Generic.Dacic.222C339A.A.B34E8ED8 (Engine A)
WithSecure (Linux)	Trojan.TR/Dropper.Gen
ESET Security (Windows)	Win32/Spy.Keydoor.AD trojan
DrWeb Antivirus (Linux)	Trojan.Siggen6.34441
ClamAV (Linux)	Win.Spyware.Dacic-10032147-0
eScan Antivirus (Linux)	Generic.Dacic.222C339A.A.B34E8ED8(DB)
Emsisoft Commandline Scanner (Windows)	Generic.Dacic.222C339A.A.B34E8ED8 (B)

Browser recommendation

Static Analysis

PE Compile Time

PE Imphash

Sections

Imports

Browser recommendation

PE Compile Time

PE Imphash

Sections

Imports

Feedback