Manalyze report for c53540b20395234caf98c874fa03eba3

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	1970-Jan-01 00:00:00

Plugin Output

Suspicious	The PE is possibly packed.	`Unusual section name found:` `The PE only has 0 import(s).`
Malicious	VirusTotal score: 12/56 (Scanned on 2015-04-10 15:34:35)	`TheHacker: W32/Behav-Heuristic-CorruptFile-EP` `Symantec: Trojan.ADH.2` `Norman: Suspicious_Gen4.CHCSY` `TrendMicro-HouseCall: TROJ_GEN.R047C0OC715` `Avast: Win32:Evo-gen [Susp]` `Tencent: Trojan.Win32.Qudamah.Gen.1` `Comodo: UnclassifiedMalware` `VIPRE: Trojan.Win32.Generic!BT` `TrendMicro: TROJ_GEN.R047C0OC715` `AVware: Trojan.Win32.Generic!BT` `Ikarus: Trojan.Crypt` `Qihoo-360: HEUR/Malware.QVM19.Gen`

Hashes

MD5	`c53540b20395234caf98c874fa03eba3`
SHA1	`68230facbdc3691f896d004b55c36f77cb76a063`
SHA256	`d56d2f536d7f0db78ad0f66ebc994c5506a4760035cc855329e8d8d1f8969ed6`
SHA3	`691f60fab4aa6a6945c136b4d243060f3764af865455d0f06beaf0ef63ff8623`
SSDeep	`12:iWn2wOGtXmu5Bo6XmqEZeSNlgJijkWw1w0UEad:iW5LWaBo6Wq6eMl58C0id`
Imports Hash	`d41d8cd98f00b204e9800998ecf8427e`

DOS Header

e_magic	`MZ`
e_cblp	`0`
e_cp	`0`
e_crlc	`0`
e_cparhdr	`0`
e_minalloc	`0`
e_maxalloc	`0`
e_ss	`0`
e_sp	`0`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`1`
TimeDateStamp	1970-Jan-01 00:00:00
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`0.0`
SizeOfCode	`0`
SizeOfInitializedData	`0`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000010A0 (Section: ?)`
BaseOfCode	`0`
BaseOfData	`0`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`0.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x2000`
SizeOfHeaders	`0x1`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
SizeofStackReserve	`0`
SizeofStackCommit	`0`
SizeofHeapReserve	`0`
SizeofHeapCommit	`0`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

MD5	`8c493a43d8c1ef798860bb02b62e8e79`
SHA1	`efe43def97eb295fe99c3753f2d740d7b36df689`
SHA256	`fde502858306c235a3121e42326b53228b7ef4690eeed92a2b2eafe73c03a3ef`
SHA3	`d0f595a067c40b7e675db165522077cf863bc36084bbd523e1216a2d52d5129b`
VirtualSize	`0`
VirtualAddress	`0x1000`
SizeOfRawData	`0x1`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_MEM_WRITE`
Entropy	`0`

Imports

Delayed Imports

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors

[!] Error: Could not reach the requested directory (offset=0x0).
[!] Error: Could not reach the requested directory (offset=0x0).
[!] Error: Could not reach the requested directory (offset=0x0).
[!] Error: Could not reach the requested directory (offset=0x0).
[!] Error: Could not reach the requested directory (offset=0x0).
[!] Error: Could not reach the requested directory (offset=0x0).
[!] Error: Could not reach the requested directory (offset=0x0).
[!] Error: Could not reach the requested directory (offset=0x0).
[*] Warning: Could not read a WIN_CERTIFICATE's header.