Static | ZeroBOX

PE Compile Time

2010-04-15 07:06:53

PE Imphash

b4c6fff030479aa3b12625be67bf4914

Sections

Name    Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text   0x00001000       0x0000104e    0x00001200        0.168100494025
.rdata  0x00003000       0x00000084    0x00000200        0.963086734599
.tekl   0x00004000       0x00000278    0x00000400        4.30341821309

Imports

Library KERNEL32.dll:
0x140003000 VirtualAlloc
0x140003008 ExitProcess

Antivirus Signature
Bkav W32.Common.3EDB6033
Lionic Trojan.Win32.Packed.4!c
tehtris Clean
MicroWorld-eScan Trojan.GenericKD.68402288
ClamAV Clean
FireEye Generic.mg.5885c6b29fb1e8ec
CAT-QuickHeal HackTool.Metasploit.S9212471
McAfee Trojan-FJIN!5885C6B29FB1
Malwarebytes Trojan.MalPack
Zillya Clean
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Trojan ( 004fae881 )
BitDefender Trojan.GenericKD.68402288
K7GW Trojan ( 004fae881 )
Cybereason malicious.29fb1e
Arcabit Trojan.Generic.D413BC70
Baidu Clean
VirIT Trojan.Win32.Generic.BZPS
Cyren W64/S-c4a4ef26!Eldorado
Symantec Meterpreter
Elastic Windows.Trojan.Metasploit
ESET-NOD32 a variant of Win64/Rozena.M
APEX Malicious
Paloalto Clean
Cynet Malicious (score: 100)
Kaspersky HEUR:Trojan.Win64.Packed.gen
Alibaba Trojan:Win64/Meterpreter.f5d5d840
NANO-Antivirus Clean
ViRobot Trojan.Win.Z.Rozena.7168.FSA
Rising Trojan.Kryptik!1.A2F4 (CLASSIC)
Emsisoft Trojan.GenericKD.68402288 (B)
F-Secure Trojan.TR/Crypt.XPACK.Gen7
DrWeb BackDoor.Shell.244
VIPRE Trojan.GenericKD.68402288
TrendMicro TROJ64_SWRORT.SM1
McAfee-GW-Edition BehavesLike.Win64.Infected.zz
Trapmine malicious.high.ml.score
CMC Clean
Sophos ATK/Meter-A
Ikarus Trojan.Win64.Meterpreter
Jiangmin Trojan.Generic.auyjj
Webroot Clean
Avira TR/Crypt.XPACK.Gen7
MAX malware (ai score=85)
Antiy-AVL GrayWare/Win32.Rozena.j
Gridinsoft Trojan.Win64.Gen.bot
Xcitium Clean
Microsoft Trojan:Win64/Meterpreter.E
SUPERAntiSpyware Trojan.Agent/Gen-MalPack
ZoneAlarm HEUR:Trojan.Win64.Packed.gen
GData Trojan.GenericKD.68402288
Google Detected
AhnLab-V3 Trojan/Win32.RL_Generic.R357794
Acronis Clean
BitDefenderTheta Clean
ALYac Trojan.GenericKD.68402288
TACHYON Clean
DeepInstinct MALICIOUS
VBA32 Clean
Cylance unsafe
Panda Trj/CI.A
Zoner Probably Heur.ExeHeaderL
TrendMicro-HouseCall TROJ64_SWRORT.SM1
Tencent Hacktool.Win64.Rozena.a
Yandex Trojan.GenAsa!RZuPNlUDbQk
SentinelOne Static AI - Suspicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet W64/Rozena.J!tr
AVG Win32:MsfShell-V [Hack]
Avast Win32:MsfShell-V [Hack]
CrowdStrike win/malicious_confidence_100% (W)
No IRMA results available.