Static Analysis

PE Compile Time

1970-01-01 03:00:00

PE Imphash

6ed4f5f04d62b18d96b26d6db7c18840

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
UPX0 0x00001000 0x004da000 0x00000000 0.0
.reltc 0x004db000 0x0019e000 0x0019e000 5.74717038365
UPX2 0x00679000 0x00001000 0x00000200 1.38215794943

Imports

Library KERNEL32.DLL:
0xa79028 LoadLibraryA
0xa7902c ExitProcess
0xa79030 GetProcAddress
0xa79034 VirtualProtect
!This program cannot be run in DOS mode.
.reltc
KERNEL32.DLL
ExitProcess
GetProcAddress
LoadLibraryA
VirtualProtect
0*1*
"*'*
1*0*
03"(v
v4.0.30319
#Strings
No antivirus signatures available.
IRMA Signature
ESET Security (Windows) a variant of Win32/GenKryptik.FGBK trojan
Avast Core Security (Linux) Win32:Evo-gen [Trj]
C4S ClamAV (Linux) Win.Malware.Genkryptik-10040056-0
F-Secure Antivirus (Linux) Clean
McAfee CLI scanner (Linux) Clean
Bitdefender Antivirus (Linux) Clean
G Data Antivirus (Windows) Clean
Sophos Anti-Virus (Linux) Clean
DrWeb Antivirus (Linux) Clean
Trend Micro SProtect (Linux) Clean
ClamAV (Linux) Win.Malware.Genkryptik-10040056-0
eScan Antivirus (Linux) Clean
Kaspersky Standard (Windows) HEUR:Trojan.Win32.Generic
Emsisoft Commandline Scanner (Windows) Clean
Cuckoo

We're processing your submission... This could take a few seconds.