Static Analysis

PE Compile Time

2020-11-19 16:42:02

PE Imphash

0d67f1603a1b4a11efdb395f23b12f28

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00055f51 0x00056000 7.28066408579
.rdataz1 0x00057000 0x00000bb8 0x00000c00 4.94652597341
.rdataz 0x00058000 0x00000bb8 0x00000c00 4.94652597341
.rdata 0x00059000 0x00019520 0x00019600 0.389787023875
.data 0x00073000 0x00099990 0x00099a00 1.55489969777

Imports

Library KERNEL32.dll:
0x50b764 GetLastError
0x50b768 VirtualAllocEx
0x50b76c GetModuleHandleA
0x50b770 TlsSetValue
0x50b774 TlsGetValue
0x50b778 LocalAlloc
0x50b77c GetModuleHandleW
0x50b780 lstrlenW
0x50b784 lstrcmpA
0x50b788 WriteProcessMemory
0x50b78c WriteFile
0x50b790 WideCharToMultiByte
0x50b794 WaitForSingleObject
0x50b79c VirtualQueryEx
0x50b7a0 VirtualQuery
0x50b7a4 VirtualProtectEx
0x50b7a8 VirtualProtect
0x50b7ac VirtualFree
0x50b7b0 VirtualAlloc
0x50b7b4 UnmapViewOfFile
0x50b7b8 TerminateThread
0x50b7bc TerminateProcess
0x50b7c4 SuspendThread
0x50b7c8 Sleep
0x50b7cc SizeofResource
0x50b7d0 SetVolumeLabelW
0x50b7d4 SetThreadPriority
0x50b7d8 SetThreadContext
0x50b7e0 SetPriorityClass
0x50b7e4 SetLastError
0x50b7e8 SetFilePointer
0x50b7ec SetEvent
0x50b7f0 SetErrorMode
0x50b7f4 SetEndOfFile
0x50b7f8 ResumeThread
0x50b7fc ResetEvent
0x50b800 ReleaseSemaphore
0x50b804 ReleaseMutex
0x50b808 ReadProcessMemory
0x50b80c ReadFile
0x50b818 PulseEvent
0x50b81c OutputDebugStringW
0x50b820 OpenProcess
0x50b824 OpenMutexW
0x50b828 OpenFileMappingA
0x50b82c OpenFileMappingW
0x50b830 OpenEventA
0x50b834 MultiByteToWideChar
0x50b838 MulDiv
0x50b83c MoveFileW
0x50b840 MapViewOfFile
0x50b844 LockResource
0x50b848 LocalFree
0x50b850 LoadResource
0x50b854 LoadLibraryExA
0x50b858 LoadLibraryExW
0x50b85c LoadLibraryA
0x50b860 LoadLibraryW
0x50b86c GlobalUnlock
0x50b870 GlobalSize
0x50b874 GlobalReAlloc
0x50b878 GlobalHandle
0x50b87c GlobalLock
0x50b880 GlobalFree
0x50b884 GlobalFindAtomW
0x50b888 GlobalDeleteAtom
0x50b88c GlobalAlloc
0x50b890 GlobalAddAtomW
0x50b8a4 GetVersionExA
0x50b8a8 GetVersionExW
0x50b8ac GetVersion
0x50b8b0 GetUserDefaultLCID
0x50b8b8 GetTickCount
0x50b8bc GetThreadPriority
0x50b8c0 GetThreadLocale
0x50b8c4 GetThreadContext
0x50b8c8 GetTempPathW
0x50b8cc GetTempFileNameW
0x50b8d0 GetSystemTime
0x50b8d4 GetSystemDirectoryA
0x50b8d8 GetSystemDirectoryW
0x50b8dc GetStartupInfoW
0x50b8e0 GetProcessVersion
0x50b8e8 GetProcAddress
0x50b8ec GetPriorityClass
0x50b8f0 GetModuleFileNameA
0x50b8f4 GetModuleFileNameW
0x50b8f8 GetLogicalDrives
0x50b8fc GetLocaleInfoW
0x50b900 GetLocalTime
0x50b904 GetFileSize
0x50b90c GetFileAttributesA
0x50b910 GetFileAttributesW
0x50b914 GetExitCodeThread
0x50b918 GetExitCodeProcess
0x50b920 GetDriveTypeW
0x50b924 GetDiskFreeSpaceW
0x50b928 GetCurrentThreadId
0x50b92c GetCurrentThread
0x50b930 GetCurrentProcessId
0x50b934 GetCurrentProcess
0x50b938 GetComputerNameW
0x50b93c GetCommandLineA
0x50b940 GetCPInfo
0x50b944 FreeResource
0x50b94c InterlockedExchange
0x50b954 FreeLibrary
0x50b958 FormatMessageA
0x50b95c FormatMessageW
0x50b960 FlushViewOfFile
0x50b964 FlushFileBuffers
0x50b968 FindResourceA
0x50b96c FindResourceW
0x50b970 FindNextFileW
0x50b974 FindFirstFileA
0x50b978 FindFirstFileW
0x50b97c FindClose
0x50b990 ExitProcess
0x50b994 EnumResourceNamesW
0x50b99c DuplicateHandle
0x50b9a4 DisconnectNamedPipe
0x50b9a8 DeleteFileW
0x50b9b0 CreateThread
0x50b9b4 CreateSemaphoreW
0x50b9b8 CreateNamedPipeW
0x50b9bc CreateMutexA
0x50b9c0 CreateMutexW
0x50b9c4 CreateFileMappingA
0x50b9c8 CreateFileMappingW
0x50b9cc CreateFileA
0x50b9d0 CreateFileW
0x50b9d4 CreateEventA
0x50b9d8 CreateEventW
0x50b9dc CreateDirectoryW
0x50b9e0 CopyFileW
0x50b9e4 ConnectNamedPipe
0x50b9e8 CompareStringW
0x50b9ec CompareFileTime
0x50b9f0 CloseHandle
0x50b9f4 CancelIo
0x50b9f8 GetComputerNameA
Library USER32.dll:
0x50ba00 GetFocus
0x50ba04 GetDialogBaseUnits
0x50ba08 CharNextW
0x50ba0c GetMessagePos
0x50ba10 LoadCursorFromFileW
0x50ba14 LoadCursorFromFileA
0x50ba1c DestroyCursor
0x50ba20 IsCharLowerA
0x50ba24 GetShellWindow
0x50ba28 GetAsyncKeyState
0x50ba2c CharUpperA
0x50ba30 IsWindowVisible
0x50ba34 GetCapture
0x50ba38 GetWindowDC
0x50ba3c GetForegroundWindow
0x50ba40 IsCharAlphaA
0x50ba44 GetDlgCtrlID
0x50ba4c ReleaseCapture
0x50ba50 GetMenu
0x50ba54 LoadIconA
Library GDI32.dll:
0x50ba5c GetBkColor
0x50ba60 GetColorSpace
0x50ba64 CreateCompatibleDC
0x50ba68 CreateMetaFileW
0x50ba6c UpdateColors
0x50ba70 GetEnhMetaFileA
0x50ba74 GetEnhMetaFileBits
0x50ba78 GetStockObject
Library ADVAPI32.dll:
0x50ba80 RegOpenKeyW
0x50ba84 RegQueryValueExA
Library IMM32.dll:
0x50ba8c ImmGetVirtualKey
!This program cannot be run in DOS mode.
`.rdataz1
@.rdataz
@.rdata
@.data
A wHG%e
xuCt@1
*=19(5
4"d*&z
5rMzg67
@I>#Xu
!UBE&2
^=ZEo
o?Xbp2
C~ZLPh
&So# K
]h2A>y%=
kc4Hg&
:pK52~
8L'};sc
?PaOUF
rzl&6{
_e/lZV
s!:1wW
Jk-&l9h
z0.D{`H8 2
"q;&:s
_LK1Ec
=!K7hjS
J5rpG}
^G@',d
zcuJ]`
Op_LFD
dTY<m8
m'4OgW
.oUX!~
n97ME`
"h1yh2B8
_;]BhgD
WX8_Gd
)$X~;*
x$WGJ|%
6U2]DJ3
w'i^Cy
>Do(}n}
Bq,X-M
r+Z-BJ
Y@(HM@
, K&.A
*}LzN%
4C5r1|3
7oSoof
.^1DY]
(/cS4
i}{>ne
2?eA9[
\X{}'M
36|o39
a48 =V
90&d8D
@4=akZ
~S$r1,
Q5>w{VD
hn96T+
v,II9
*-"xD%
&JJu$x
C#Kjx~
qQ<Ii
=S}-I^
gB-mY}
'5^^i!T
^F0;a:
4SQ]2TW
l%^$,%^$
'F$,(6
%(,,F$
82W3RFv
ED.WW4t
$+QZ@D
u$&A$$
tGaA$T
XejX$0n@$
fH$Hfp$
E0hH$,j,
\d@$ dP$
u$jH$$j@$
Ov7oR4
dO\:+}8
@QQ*KH
ai"?R/
hQ97Cl
)3w~@c{
3)l,C{
]p93Zr
_!R#><
U$cBI:
/b?7fr
|+LB*g
6@#,Dp
p#L9$/
'f5-C;
f(uCK+
q("-E~
0)>-]b
1`#,@`
hd%,P:
'0}H9;
xr-nrz
rh%;X:
de:3Z:
p(.;to
sab-:q
]k!AFs
]ob96w
[c)lRn
TP+;o
w!ISe
Sn87Ct
w_))ao
D=n;xM
v@.gk4~
@o%git
@oUiit
pC{ima
#~it"hrS
eaPjEv
h_Apire
kn9gnt
ri}~he
lar`iMuxxiB
anpneWL
kdq1ro
_cpEZvir
tVa>gab8cA
inpmss
jpENmkr
SxpSEjpe
oFuseTu
inmkeTtmea
_lea@y@i>y_t;lyW\
0EL?,.d
@h}lUp
~osj~me]
erBv_e
vopmi_hqkA
OesvotqkOe
ryUrfoG
Oes'nuizal
rmmWio
uue>]Va
Oessetr
huq)tWL
Pd@DPdswSUsw
CUswCUsw
_VP#)U
38yz>XT%
kLN/C%
N"4c;:
yKm?a#^
M"#JFD
dG8k1k
V^)v6:
UrNU-=
L>O^Kci
sk>H]*
sl=i<f
>h~6Fg'
GZH}Wkm
/xKgL,
&0)$*y
+.\IP9
VL>a<M
j~4D&J%&!Dq,
vY!\AU
?Z^c:s
zewQX<
n)/sI}k
p#Q#xr
X&9;@zL.
<n10o@Gz
Inc$xFZ
Y.b9&a
O+2 uL
EPd4md
-]iqi='
]{p>,,!x
ja6F-x
%z+3PW
yijB[6
f2gMcK
Shpnu{
&N~!k
1#vtxJ
]aNaH#
nJOa:3G
:{|.#Y
g65+"nMSB
Y;vfuW
)1z50sF
KY<t"Jm
tRt) (b
p}f[|[
X[y9#
~etflJ#Z
=6r+Fj
t/!S]:
TZf,1`
U83-jR
g >ezEK%>
v&sk6~
Y?vWt0
|@W("B
^5M;y*!
%SCCdNBmhI
4;&R"
pWLw1O
JIpV'g
ZX$j>,
RYJg9
gn6NQuK
[}WBDQ
oTpQjyF7N
>dFB:6
9#It]p3
U ([e}
Cqe6v
\,vPwsQ5j
XZ4EMx
D#z]Z]
{<c2l`
Y3.tcN
o?lr4i
Ew|<Vce
//F#Fm
5Vkr1QI
s?(k2=?
WF!khg;
9@xr'>
HNYhy$>
Z|*UMO
k*OS+*
zunh7z
%o+cG_
wUfT3
u@_;]b
+IR!64
WW=OWw
r4VSQF
T^\rfX
/"R$?3
nX<u!R
f9Q?
-R/u>l
{\4LH/E
oWf,+}
n(}3'/B
[`^/{`d
F,!`^.
Z3eiT%D
.Z+4?
lb(U)P
hUY =7
cTZ[L?j
DR<!.}
7;Y|uVhi
:F9\R<
qRPd7;6
9sF9R;x/
#A+J7R
Ju$hZM
CnBpEq
n96Puj
\atkDWr
;)Y!!
0DnDwx
hPj>d-
rF#Cm[
$`C\vr
|1d)+M
@_"t17
%l_ui>
qRI8{[
;!x?S%
};``}_
7zL*j|
Dp14aaMgt
JMpq6L
ar*~n(xd
/(?JAb
;FpAg6
K\#Ee6bo^
T|~^*+
u=J5] z"
7!*{`+
-*re05
~iZpu~@]k
mu>,'.
Ki!o,^
"Fq8`~
\ov}MO
2Xl2y2b
JhTtl^
2Ua~WZIA
7<:y&L 4&I8
sm"+Z8
:RPO4N
G|3Q_L
h;hz5B`
5'`!Zc
mTz12:
lZxWF
N?q*1|
cdbK~XJ
5jObSy
DBrdP)P
A9n/j}Tf8gA
?nyC&.
$P`<1he
%4pVGU
N.s\d[
=o.|G+
4(h*3F
'OzMgv
`jKD@A
8'\X}`
.30%jS
B%;VQl
Q<J/8p
c/4VwL
VML[W\Iu
4epXv^
cFA4r%
`'I]ll
oh]8#Bu*
BmothVVTL
xV/6Dh
{vB?H[i
g~4jhyDR
Y35mCR
T\\}f
}d<q|#
UI/^CDM
4CU-P\
=hA-7I&Nx
,;Z\"[
vh1o_r=S
]D0;.
Q`?nB#
R^_"F36T
MNvyF;H
_$.9&F<
>v%Fo_
G;e#Jq
q'[>9 /;
jcwu6
AI$t`/
QE?RdAd
1,~YiDI!
)GrVZ"
pqL8q"
w:L<Yoc
Uj0A|
<`cqR]
g(r"G{
}ac=fi-c
(6T9Q<)
T"9>QW
s&|J+C&}
sfg~_#|
"?}(+C~7
`3 s="
E+BE!a
_Wuqe@
-VJ8Z7
<{9vJG
ut>hCl
TqfsQ ,
Pba|D\\
Ccz90T
;O6o8nG
xxP^uI;iW5
9=4Ob9/aFW
qDy$yT
:]8=iRA
wy/g<K
tJTe'\`
\*G:D
|8A[Fs
,Mhhgp
~'V&M~
NyMK7C
tP:SD>g
$2'Q01B
hetX09
zJRZ5(
)tCb*<nd
&eZcvL
P!1*V"?
?c3L_\
EkPst2
jT$2+X
Rw[Grp
lPgLh>
"PVh>]
V[2&]
CDeLBXd
8DPEIGl
CDELBXd
8DPEIG
CD%OBX$
CDeKBXd
8DPJIGl
CDEKBXd
8DPJIG
CD%KBX$
CDeNBXd
8DPGIGl
CDENBXd
8DPGIG
; msFn
eD$%I\
64).b1
ew`9$o
TxT\3
lBA4;t
64).b1
ew`9$o
TxT\3
lBA4;t
64).b1
ew`9$o
TxT\3
lBA4;t
rmWuOSgKfN
xeBJbGaD
64).b1
ew`9$o
TxT\3
lBA4;t
{Bvn:m
y#O?D+C
oZtFc~
Jo2B6_
5v%0xU
JHQYF!
%>3E-L
[_Hc}!
Ri*Iy0
7eP\@/{|AH
6bui2V
2g\2>f9L
d=B2VA
F^< 0:
zpM(1u
PrjZ.;*
[v[:g5
)/ofRK
VrVq|4
G}*e^,
iZNK9r
IG9P0R
3yV]`E=
Rhbs3Mc
9SHOwt
4p5n[<O
su.w0y
sl88tZF[
zN[G=Zyd
5M,J-~
"IPuH@u*
/^(6y^
XUw4?I
czoO!F9
A!j~gp~
\D)PGP
/zc98)<A
|/uu*]
tx"rMH
q*8PoP
yNo!WFv
#+Z#:P
w#5j}\
B8a8pzy
q#(wcE
IWAuuS
7"mZYx}7
}<0qB=r
C9Vr{:
!*ATHU$
A$EptI
'H,WBn
**^T-
yrK#c}
~~04JQR?
q(S k
wd'+cb
EFKRiT
bH%Q77Q
`|S{f,9'
GetLastError
VirtualAllocEx
GetModuleHandleA
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleW
lstrlenW
lstrcmpA
WriteProcessMemory
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQueryEx
VirtualQuery
VirtualProtectEx
VirtualProtect
VirtualFree
VirtualAlloc
UnmapViewOfFile
TerminateThread
TerminateProcess
SystemTimeToFileTime
SuspendThread
SizeofResource
SetVolumeLabelW
SetThreadPriority
SetThreadContext
SetThreadAffinityMask
SetPriorityClass
SetLastError
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
ReleaseSemaphore
ReleaseMutex
ReadProcessMemory
ReadFile
QueryPerformanceFrequency
QueryPerformanceCounter
PulseEvent
OutputDebugStringW
OpenProcess
OpenMutexW
OpenFileMappingA
OpenFileMappingW
OpenEventA
MultiByteToWideChar
MulDiv
MoveFileW
MapViewOfFile
LockResource
LocalFree
LocalFileTimeToFileTime
LoadResource
LoadLibraryExA
LoadLibraryExW
LoadLibraryA
LoadLibraryW
LeaveCriticalSection
InitializeCriticalSection
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalHandle
GlobalLock
GlobalFree
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetWindowsDirectoryA
GetWindowsDirectoryW
GetVolumeInformationA
GetVolumeInformationW
GetVersionExA
GetVersionExW
GetVersion
GetUserDefaultLCID
GetTimeZoneInformation
GetTickCount
GetThreadPriority
GetThreadLocale
GetThreadContext
GetTempPathW
GetTempFileNameW
GetSystemTime
GetSystemDirectoryA
GetSystemDirectoryW
GetStartupInfoW
GetProcessVersion
GetProcessAffinityMask
GetProcAddress
GetPriorityClass
GetModuleFileNameA
GetModuleFileNameW
GetLogicalDrives
GetLocaleInfoW
GetLocalTime
GetFileSize
GetFileInformationByHandle
GetFileAttributesA
GetFileAttributesW
GetExitCodeThread
GetExitCodeProcess
GetEnvironmentStringsW
GetDriveTypeW
GetDiskFreeSpaceW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetComputerNameW
GetCommandLineA
GetCPInfo
FreeResource
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
FreeLibrary
FormatMessageA
FormatMessageW
FlushViewOfFile
FlushFileBuffers
FindResourceA
FindResourceW
FindNextFileW
FindFirstFileA
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsW
ExitProcess
EnumResourceNamesW
EnterCriticalSection
DuplicateHandle
DosDateTimeToFileTime
DisconnectNamedPipe
DeleteFileW
DeleteCriticalSection
CreateThread
CreateSemaphoreW
CreateNamedPipeW
CreateMutexA
CreateMutexW
CreateFileMappingA
CreateFileMappingW
CreateFileA
CreateFileW
CreateEventA
CreateEventW
CreateDirectoryW
CopyFileW
ConnectNamedPipe
CompareStringW
CompareFileTime
CloseHandle
CancelIo
GetComputerNameA
KERNEL32.dll
GetFocus
GetDialogBaseUnits
CharNextW
GetMessagePos
LoadCursorFromFileW
LoadCursorFromFileA
GetProcessWindowStation
DestroyCursor
IsCharLowerA
GetShellWindow
GetAsyncKeyState
CharUpperA
IsWindowVisible
GetCapture
GetWindowDC
GetForegroundWindow
IsCharAlphaA
GetDlgCtrlID
EnumClipboardFormats
ReleaseCapture
GetMenu
LoadIconA
USER32.dll
GetBkColor
GetColorSpace
CreateCompatibleDC
CreateMetaFileW
UpdateColors
GetEnhMetaFileA
GetEnhMetaFileBits
GetStockObject
GDI32.dll
RegOpenKeyW
RegQueryValueExA
ADVAPI32.dll
ImmGetVirtualKey
IMM32.dll
JQRAXTKBPQIRHSLTHF0
201119073529Z
391231235959Z0
JQRAXTKBPQIRHSLTHF0
JQRAXTKBPQIRHSLTHF
New Jersey1
Jersey City1
The USERTRUST Network1.0,
%USERTrust RSA Certification Authority0
190502000000Z
380118235959Z0}1
Greater Manchester1
Salford1
Sectigo Limited1%0#
Sectigo RSA Time Stamping CA0
?http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl0v
3http://crt.usertrust.com/USERTrustRSAAddTrustCA.crt0%
http://ocsp.usertrust.com0
rRj;B7|
[C]e=P
Greater Manchester1
Salford1
Sectigo Limited1%0#
Sectigo RSA Time Stamping CA0
201023000000Z
320122235959Z0
Greater Manchester1
Salford1
Sectigo Limited1,0*
#Sectigo RSA Time Stamping Signer #20
https://sectigo.com/CPS0D
3http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
3http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
http://ocsp.sectigo.com0
JQRAXTKBPQIRHSLTHF
Greater Manchester1
Salford1
Sectigo Limited1%0#
Sectigo RSA Time Stamping CA
201119144420Z0?
0lv!9J
@ATPdEZxAbi
nrlLQfleDf
TFtXLkibIU
4444rfecee42t96b2872ta3y-141ar469c-55ff22rr1dPP1
<<<Obsolete>>
Antivirus Signature
Bkav W32.AIDetect.malware1
Lionic Clean
tehtris Generic.Malware
ClamAV Win.Packed.Qbot-9864904-0
CMC Clean
CAT-QuickHeal Trojan.QakbotPMF.S17137072
McAfee W32/PinkSbot-HH!B5751AF0FCBF
ALYac Gen:Variant.Razy.791204
Cylance Unsafe
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Riskware ( 0040eff71 )
Alibaba Clean
K7GW Riskware ( 0040eff71 )
Cybereason malicious.0fcbfb
Baidu Clean
VirIT Clean
Cyren W32/Qbot.AN.gen!Eldorado
Symantec W32.Qakbot
Elastic malicious (high confidence)
ESET-NOD32 Win32/Qbot.CN
APEX Malicious
Paloalto Clean
Cynet Malicious (score: 100)
Kaspersky Trojan-Downloader.Win32.Agent.xxznjx
BitDefender Gen:Variant.Razy.791204
NANO-Antivirus Trojan.Win32.QakBot.ichvii
ViRobot Clean
MicroWorld-eScan Gen:Variant.Razy.791204
Tencent Malware.Win32.Gencirc.10d029a2
Ad-Aware Gen:Variant.Razy.791204
Sophos ML/PE-A + Mal/EncPk-APV
Comodo TrojWare.Win32.Agent.FESC@8qk2yw
F-Secure Heuristic.HEUR/AGEN.1205086
DrWeb Trojan.Inject4.5522
Zillya Trojan.Qbot.Win32.12523
TrendMicro TROJ_GEN.R067C0DC522
McAfee-GW-Edition W32/PinkSbot-HH!B5751AF0FCBF
Trapmine malicious.high.ml.score
FireEye Generic.mg.b5751af0fcbfb104
Emsisoft Gen:Variant.Razy.791204 (B)
SentinelOne Static AI - Malicious PE
GData Gen:Variant.Razy.791204
Jiangmin TrojanDownloader.Agent.fzdw
Webroot Clean
Avira HEUR/AGEN.1205086
Kingsoft Clean
Gridinsoft Trojan.Heur!.00012031
Arcabit Trojan.Razy.DC12A4
SUPERAntiSpyware Clean
ZoneAlarm Trojan-Downloader.Win32.Agent.xxznjx
Microsoft Trojan:Win32/Qakbot.GN!MTB
TACHYON Clean
AhnLab-V3 Trojan/Win32.Qakbot.C4230779
Acronis Clean
BitDefenderTheta Gen:NN.ZexaF.34682.dvX@a0X6mfn
MAX malware (ai score=87)
VBA32 BScope.Virus.Virlock
Malwarebytes Trojan.Crypt
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R067C0DC522
Rising Trojan.Generic@AI.100 (RDML:o76RgFwn+mzl0tVz/BTweA)
Yandex Trojan.DL.Agent!A0KyP6ubvdg
Ikarus Trojan.Win32.Generic
MaxSecure Trojan.Malware.141432533.susgen
Fortinet W32/Kryptik.GLWT!tr
AVG Win32:DangerousSig [Trj]
Avast Win32:DangerousSig [Trj]
CrowdStrike win/malicious_confidence_100% (W)
IRMA Signature
ESET Security (Windows) Win32/Qbot.CN trojan
Avast Core Security (Linux) Win32:DangerousSig [Trj]
C4S ClamAV (Linux) Win.Packed.Qbot-9864904-0
F-Secure Antivirus (Linux) Heuristic.HEUR/AGEN.1364004 [Aquarius]
McAfee CLI scanner (Linux) W32/PinkSbot-HH
Bitdefender Antivirus (Linux) Gen:Variant.Zusy.344739
G Data Antivirus (Windows) Virus: Gen:Variant.Zusy.344739 (Engine A)
Sophos Anti-Virus (Linux) Mal/EncPk-APV
DrWeb Antivirus (Linux) Trojan.Inject4.5522
Trend Micro SProtect (Linux) Clean
ClamAV (Linux) Win.Packed.Qbot-9864904-0
eScan Antivirus (Linux) Gen:Variant.Zusy.344739(DB)
Kaspersky Standard (Windows) UDS:Trojan-Downloader.Win32.Agent.xxznjx
Emsisoft Commandline Scanner (Windows) Gen:Variant.Zusy.344739 (B)
Cuckoo

We're processing your submission... This could take a few seconds.