Static | ZeroBOX

PE Compile Time

2013-06-12 21:49:36

PE Imphash

c4c9ecfc26ca516a80b8f6f5b2bdb7e6

PEiD Signatures

Armadillo v1.xx - v2.xx

Sections

Name     Virtual Address   Virtual Size   Size of Raw Data   Entropy
.text    0x00001000        0x000003fc     0x00000400         6.2387096366
.rdata   0x00002000        0x00000181     0x00000200         3.05451057753
.data    0x00003000        0x0000007c     0x00000200         1.04901350379
.reloc   0x00004000        0x00000088     0x00000200         2.90043251101

Imports

Library KERNEL32.dll:
0x10002000 LoadLibraryW
0x10002004 GetProcAddress
0x10002008 CreateFileA
Library MSVCRT.dll:
0x10002010 free
0x10002014 _initterm
0x10002018 malloc
0x1000201c _adjust_fdiv

Exports

Ordinal Address Name
1 0x10001193 rundll32
!This program cannot be run in DOS mode.
`.rdata
@.data
.reloc
0F;5d0
CreateFileA
LoadLibraryW
GetProcAddress
KERNEL32.dll
_initterm
malloc
_adjust_fdiv
MSVCRT.dll
rundll32
desktop.ini
shell32.dll
kernel32.dll
Antivirus Signature
Bkav W32.FamVT.DebrisA.Worm
Lionic Worm.Win32.Debris.tsC7
Elastic malicious (high confidence)
ClamAV Win.Adware.Downware-251
CMC Clean
CAT-QuickHeal Trojan.Agent.WL
Skyhigh BehavesLike.Win32.Worm.zt
ALYac Gen:Variant.Barys.381856
Cylance Unsafe
Zillya Worm.DebrisGen.Win32.11
Sangfor Suspicious.Win32.Save.ins
CrowdStrike win/malicious_confidence_100% (W)
Alibaba Malware:Win32/km_2a460.None
K7GW EmailWorm ( 0040f5281 )
K7AntiVirus EmailWorm ( 0040f5281 )
huorong HEUR:Worm/Gamarue.a
Baidu Win32.Worm.Bundpil.y
VirIT Worm.Win32.Generic.GRN
Paloalto generic.ml
Symantec Downloader.Dromedan
tehtris Generic.Malware
ESET-NOD32 Win32/Bundpil.AO
APEX Malicious
Avast Win32:Sg-I [Trj]
Cynet Malicious (score: 100)
Kaspersky Worm.Win32.Debris.b
BitDefender Gen:Variant.Barys.381856
NANO-Antivirus Trojan.Win32.Debris.cqkxyu
ViRobot Clean
MicroWorld-eScan Gen:Variant.Barys.381856
Tencent Worm.Win32.Debris.c
Sophos W32/Gamarue-BL
F-Secure Worm.WORM/Gamarue.511265
DrWeb Trojan.MulDrop4.25343
VIPRE Gen:Variant.Barys.381856
TrendMicro WORM_GAMARUE.SML
McAfeeD ti!A3CF86C9D16F
Trapmine Clean
CTX dll.worm.bundpil
Emsisoft Gen:Variant.Barys.381856 (B)
Ikarus Worm.Win32.Bundpil
FireEye Generic.mg.46ff33dbadc5b36e
Jiangmin Trojan/Generic.axdgt
Webroot W32.Worm.Gen
Varist W32/Csyr.B.gen!Eldorado
Avira WORM/Gamarue.511265
Fortinet W32/Bundpil.AO!tr
Antiy-AVL Worm/Win32.Debris
Kingsoft Win32.Troj.Bundpil.AO
Gridinsoft Worm.Win32.Autorun.sa
Xcitium Worm.Win32.Bundpil.AH@4yjufs
Arcabit Trojan.Barys.D5D3A0
SUPERAntiSpyware Trojan.Agent/Gen-Crypt
ZoneAlarm Worm.Win32.Debris.b
Microsoft TrojanDownloader:Win32/Andromeda!pz
Google Detected
AhnLab-V3 Worm/Win32.Debris.R71328
Acronis Clean
McAfee W32/Worm-FJV!46FF33DBADC5
TACHYON Clean
VBA32 Worm.Gamarue
Malwarebytes Bundpil.Worm.AutoRun.DDS
Panda Generic Malware
Zoner Clean
TrendMicro-HouseCall WORM_GAMARUE.SML
Rising Worm.Gamarue!1.9CB3 (CLASSIC)
Yandex Trojan.GenAsa!VJN5611Pa6Y
SentinelOne Static AI - Malicious PE
MaxSecure Worm.Debris.Gen
GData Win32.Worm.Bundpil.B
AVG Win32:Sg-I [Trj]
DeepInstinct MALICIOUS
alibabacloud Worm:Win/Bundpil
No IRMA results available.