Static | ZeroBOX

PE Compile Time

2010-04-15 07:06:53

PE Imphash

b4c6fff030479aa3b12625be67bf4914

Sections

Name     Virtual Address   Virtual Size   Size of Raw Data   Entropy
.text    0x00001000        0x0000104e     0x00001200         0.168100494025
.rdata   0x00003000        0x00000084     0x00000200         0.963086734599
.uqpy    0x00004000        0x00000278     0x00000400         4.29986794744

Imports

Library KERNEL32.dll:
0x140003000 VirtualAlloc
0x140003008 ExitProcess

Antivirus Signature
Bkav W64.AIDetectMalware
Lionic Trojan.Win32.Metasploit.4!c
Elastic Windows.Trojan.Metasploit
MicroWorld-eScan Trojan.Metasploit.A
CMC Clean
CAT-QuickHeal HackTool.Metasploit.S9212471
Skyhigh BehavesLike.Win64.Infected.zz
ALYac Trojan.Metasploit.A
Malwarebytes Trojan.MalPack
Zillya Clean
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Trojan ( 004fae881 )
BitDefender Trojan.Metasploit.A
K7GW Trojan ( 004fae881 )
CrowdStrike win/malicious_confidence_100% (W)
Arcabit Trojan.Metasploit.A
Baidu Clean
VirIT Trojan.Win32.Generic.BZPS
Symantec Meterpreter
tehtris Clean
ESET-NOD32 a variant of Win64/Rozena.M
Cynet Malicious (score: 100)
APEX Malicious
Paloalto Clean
ClamAV Clean
Kaspersky HEUR:Trojan.Win64.Packed.gen
Alibaba Trojan:Win64/Metasploit.e7bf078b
NANO-Antivirus Clean
ViRobot Clean
Tencent Hacktool.Win64.Rozena.a
TACHYON Clean
Sophos ATK/Meter-A
F-Secure Trojan.TR/Crypt.XPACK.Gen7
DrWeb BackDoor.Shell.244
VIPRE Trojan.Metasploit.A
TrendMicro TROJ64_SWRORT.SM1
Trapmine malicious.high.ml.score
FireEye Generic.mg.dbfe72085ba54253
Emsisoft Trojan.Metasploit.A (B)
Ikarus Trojan.Win64.Meterpreter
Jiangmin Trojan.Generic.auyjj
Webroot W32.Malware.Gen
Varist W64/S-c4a4ef26!Eldorado
Avira TR/Crypt.XPACK.Gen7
Antiy-AVL GrayWare/Win32.Rozena.j
Kingsoft Win32.Troj.Unknown.a
Gridinsoft Trojan.Win64.Gen.tr
Xcitium Clean
Microsoft Trojan:Win64/Metasploit.CRTD!MTB
SUPERAntiSpyware Trojan.Agent/Gen-MalPack
ZoneAlarm HEUR:Trojan.Win64.Packed.gen
GData Win64.Trojan.Agent.GRX1TL
Google Detected
AhnLab-V3 Trojan/Win32.RL_Generic.R357794
Acronis suspicious
McAfee Trojan-FJIN!DBFE72085BA5
MAX malware (ai score=83)
DeepInstinct MALICIOUS
VBA32 Clean
Cylance unsafe
Panda Clean
Zoner Probably Heur.ExeHeaderL
TrendMicro-HouseCall TROJ64_SWRORT.SM1
Rising Trojan.Kryptik!1.A2F4 (CLASSIC)
Yandex Trojan.GenAsa!RZuPNlUDbQk
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet W64/Rozena.J!tr
BitDefenderTheta Clean
AVG Win32:MsfShell-V [Hack]
Cybereason malicious.eaac9a
Avast Win32:MsfShell-V [Hack]
No IRMA results available.