popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2010-04-15 07:06:53

PE Imphash

b4c6fff030479aa3b12625be67bf4914

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x0000104e 0x00001200 0.168100494025
.rdata 0x00003000 0x00000084 0x00000200 0.963086734599
.ujdo 0x00004000 0x00000248 0x00000400 4.04210467853

Imports

Library KERNEL32.dll:
0x140003000 VirtualAlloc
0x140003008 ExitProcess
!This program cannot be run in DOS mode.
Rich}E
`.rdata
@.ujdo
PAYLOAD:
ExitProcess
VirtualAlloc
KERNEL32.dll
AQAPRQVH1
AXAX^YZAXAYAZH
ws2_32
VPAPAPAPI
KERNEL32.dll
VirtualAlloc
ExitProcess
Antivirus Signature
Bkav W64.AIDetectMalware
Lionic Trojan.Win32.Metasploit.4!c
Elastic Windows.Trojan.Metasploit
Cynet Malicious (score: 100)
CMC Clean
CAT-QuickHeal HackTool.Metasploit.S9212471
ALYac Trojan.Metasploit.A
Cylance Unsafe
Sangfor HackTool.Win32.Reverse64_Bin_v2_5_through_v4_x.uwccg
CrowdStrike win/malicious_confidence_100% (W)
Alibaba Trojan:Win64/Shelma.f5f969af
K7GW Trojan ( 004fae881 )
K7AntiVirus Trojan ( 004fae881 )
huorong Backdoor/Meterpreter.fb
Baidu Clean
VirIT Trojan.Win32.Generic.BZPS
Paloalto generic.ml
Symantec Packed.Generic.539
tehtris Clean
ESET-NOD32 a variant of Win64/Rozena.M
APEX Malicious
Avast Win32:MsfShell-V [Hack]
ClamAV Win.Trojan.MSShellcode-6
Kaspersky Trojan.Win64.Shelma.b
BitDefender Trojan.Metasploit.A
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Trojan.Metasploit.A
Tencent Hacktool.Win64.Rozena.a
Sophos ATK/Meter-A
F-Secure Trojan.TR/Crypt.XPACK.Gen7
DrWeb BackDoor.Shell.244
Zillya Trojan.Shelma.Win64.10933
TrendMicro Trojan.Win64.SHELMA.SMB1
McAfeeD Real Protect-LS!95CE375EF761
Trapmine malicious.high.ml.score
CTX exe.trojan.rozena
Emsisoft Trojan.Metasploit.A (B)
Ikarus Trojan.Win64.Meterpreter
FireEye Generic.mg.95ce375ef761921a
Jiangmin Trojan/Agent.iigj
Webroot W32.Trojan.Gen
Varist W64/Rozena.IG
Avira TR/Crypt.XPACK.Gen7
Fortinet W64/Rozena.J!tr
Antiy-AVL GrayWare/Win32.Rozena.j
Kingsoft Win64.Trojan.Shelma.b
Gridinsoft Trojan.Win64.ShellCode.sd!s1
Xcitium Clean
Arcabit Trojan.Metasploit.A
SUPERAntiSpyware Trojan.Agent/Gen-MalPack
ZoneAlarm Trojan.Win64.Shelma.b
Microsoft Trojan:Win64/Meterpreter!pz
Google Detected
AhnLab-V3 Trojan/Win.Generic.R610915
Acronis suspicious
McAfee Trojan-FJIN!95CE375EF761
TACHYON Clean
VBA32 Clean
Malwarebytes Trojan.Dropper.Generic
Panda Clean
Zoner Probably Heur.ExeHeaderL
TrendMicro-HouseCall TROJ_KRYPTIK_FD1101FF.UVPM
Rising Trojan.Kryptik/x64!1.A2F4 (CLASSIC)
Yandex Trojan.GenAsa!RZuPNlUDbQk
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.11208573.susgen
GData Win64.Trojan.Rozena.A
AVG Win32:MsfShell-V [Hack]
DeepInstinct MALICIOUS
alibabacloud Backdoor:Win/shellcode.api(dyn)
No IRMA results available.