Static | ZeroBOX

PE Compile Time

2010-04-15 07:06:53

PE Imphash

b4c6fff030479aa3b12625be67bf4914

Sections

Name     Virtual Address   Virtual Size   Size of Raw Data   Entropy
.text    0x00001000        0x0000104e     0x00001200         0.168100494025
.rdata   0x00003000        0x00000084     0x00000200         0.963086734599
.naan    0x00004000        0x00000278     0x00000400         4.30382093565

Imports

Library KERNEL32.dll:
0x140003000 VirtualAlloc
0x140003008 ExitProcess

Antivirus Signature
Bkav Clean
Lionic Trojan.Win32.Packed.4!c
Elastic Windows.Trojan.Metasploit
MicroWorld-eScan Trojan.Metasploit.A
FireEye Generic.mg.367030209dfe9a7f
CAT-QuickHeal HackTool.Metasploit.S9212471
McAfee Trojan-FJIN!367030209DFE
Cylance unsafe
Zillya Trojan.Rozena.Win64.23035
Sangfor HackTool.Win32.Reverse64_Bin_v2_5_through_v4_x.uwccg
K7AntiVirus Trojan ( 004fae881 )
BitDefender Trojan.Metasploit.A
K7GW Trojan ( 004fae881 )
CrowdStrike win/malicious_confidence_100% (W)
Baidu Clean
VirIT Trojan.Win32.Generic.BZPS
Cyren W64/S-c4a4ef26!Eldorado
Symantec Meterpreter
tehtris Clean
ESET-NOD32 a variant of Win64/Rozena.M
APEX Malicious
Paloalto generic.ml
ClamAV Clean
Kaspersky HEUR:Trojan.Win64.Packed.gen
Alibaba Trojan:Win32/CobaltStrike.5f03
NANO-Antivirus Trojan.Win64.Shell.juurem
ViRobot Trojan.Win.Z.Rozena.7168.KH
Rising Trojan.Kryptik!1.A2F4 (CLASSIC)
Emsisoft Trojan.Metasploit.A (B)
F-Secure Clean
DrWeb BackDoor.Shell.244
VIPRE Trojan.Metasploit.A
TrendMicro TROJ64_SWRORT.SM1
McAfee-GW-Edition BehavesLike.Win64.Infected.zz
Trapmine malicious.high.ml.score
CMC Clean
Sophos ATK/Meter-A
SentinelOne Static AI - Suspicious PE
GData Trojan.Metasploit.A
Jiangmin Trojan.Generic.auyjj
Webroot Clean
Google Detected
Avira TR/Crypt.XPACK.Gen7
MAX malware (ai score=86)
Antiy-AVL GrayWare/Win32.Rozena.j
Gridinsoft Trojan.Win64.Gen.bot
Xcitium Clean
Arcabit Trojan.Metasploit.A
SUPERAntiSpyware Trojan.Agent/Gen-MalPack
ZoneAlarm HEUR:Trojan.Win64.Packed.gen
Microsoft Trojan:Win64/Meterpreter.B
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win32.RL_Generic.R358445
Acronis Clean
BitDefenderTheta Clean
ALYac Trojan.Metasploit.A
TACHYON Clean
VBA32 Clean
Malwarebytes Trojan.MalPack
Panda Trj/CI.A
Zoner Probably Heur.ExeHeaderL
TrendMicro-HouseCall TROJ64_SWRORT.SM1
Tencent Hacktool.Win64.Rozena.a
Yandex Trojan.GenAsa!RZuPNlUDbQk
Ikarus Trojan.Win64.Meterpreter
MaxSecure Trojan.Malware.300983.susgen
Fortinet W64/Rozena.J!tr
AVG Win64:ShellCode-B [Trj]
Avast Win64:ShellCode-B [Trj]
No IRMA results available.