SmartHawk

1.0

低危

59 个模型检测该样本为恶意！

重新分析

下载样本

0d55cf4dfb3459fcef0cc805605de173df1f05aab08f145ae045f78b998f65c1

0d55cf4dfb3459fcef0cc805605de173df1f05aab08f145ae045f78b998f65c1.exe

分析耗时

142s

引擎	描述	特征	威胁分数	可能家族	检测耗时
DACN	基于动态分析和胶囊网络的可视化恶意软件检测	API调用、DLL以及注册表的修改情况	0.12	Unknown	0.07s
FACILE	利用改进的层次胶囊网络对二进制恶意软件图像进行识别分类	二进制图像映射为的灰度图像	1.00	Unknown	0.06s
IMCLNet	轻量化深度卷积网络模型实现恶意软件家族检测	原始二进制映射而成的可视化图像	0.62	Unknown	0.20s
MFGraph	利用静态特征构建图网络以检测恶意软件	原始二进制PE文件的静态特征节点	0.00	Unknown	0.00s

查杀引擎	查杀结果	查杀时间	查杀版本
Alibaba	Worm:Win32/Small.c79bc00c	20190527	0.3.0.5
Avast	Win32:SillyP2P-X [Wrm]	20200902	18.4.3895.0
Baidu	Win32.Worm.Agent.bf	20190318	1.0.0.2
CrowdStrike	win/malicious_confidence_100% (W)	20190702	1.0
Kingsoft	None	20200903	2013.8.14.323
McAfee	W32/Xiquitir.ow!p2p	20200902	6.0.6.653
Tencent	Trojan.Win32.Small.p	20200903	1.0.0.1

👋 欢迎使用 ChatHawk

我是您的恶意软件分析助手，可以帮您分析和解读恶意软件报告。请随时向我提问！

🔍 主要威胁分析

⚡ 行为特征

🛡️ 防护建议

🔧 技术手段

🎯 检测方法

🤖

Static Analysis
Strings

PE Compile Time

2004-05-07 07:02:15

PE Imphash

af3ba5bf5918eaef7c5f364fe0aae9c3

Sections

Name	Virtual Address	Virtual Size	Size of Raw Data	Entropy
GlFCfAHi	0x00001000	0x00009000	0x00009000	5.670086252713394
iqsNyMnI	0x0000a000	0x00005000	0x00004a00	3.275780440272743
.rsrc	0x0000f000	0x00001000	0x00000c00	3.533309044127693
seg1	0x00010000	0x000004aa	0x00000400	4.409515997755898
.adata	0x00011000	0x00001000	0x00000200	0.0
_data	0x00012000	0x0000b000	0x00000400	0.0
Shared	0x0001d000	0x00006000	0x00040000	0.0

Resources

Name	Offset	Size	Language	Sub-language	File type
RT_ICON	0x0000f408	0x00000128	LANG_SPANISH	SUBLANG_SPANISH_MODERN	None
RT_ICON	0x0000f408	0x00000128	LANG_SPANISH	SUBLANG_SPANISH_MODERN	None
RT_GROUP_ICON	0x0000f534	0x00000022	LANG_SPANISH	SUBLANG_SPANISH_MODERN	None
RT_VERSION	0x0000f55c	0x000003fc	LANG_SPANISH	SUBLANG_SPANISH_MODERN	None

Imports

Library ADVAPI32.dll:

• 0x407000 RegSetValueExA

• 0x407004 RegCloseKey

• 0x407008 RegOpenKeyA

Library kernel32.dll:

• 0x407010 FindClose

• 0x407014 FindNextFileA

• 0x407018 GetModuleHandleA

• 0x40701c GetStringTypeW

• 0x407020 GetStringTypeA

• 0x407024 GetModuleFileNameA

• 0x407028 GetWindowsDirectoryA

• 0x40702c FindFirstFileA

• 0x407030 Sleep

• 0x407034 HeapFree

• 0x407038 HeapAlloc

• 0x40703c GetStartupInfoA

• 0x407040 GetCommandLineA

• 0x407044 GetVersion

• 0x407048 ExitProcess

• 0x40704c HeapDestroy

• 0x407050 HeapCreate

• 0x407054 VirtualFree

• 0x407058 VirtualAlloc

• 0x40705c HeapReAlloc

• 0x407060 GetLastError

• 0x407064 CloseHandle

• 0x407068 WriteFile

• 0x40706c ReadFile

• 0x407070 TerminateProcess

• 0x407074 GetCurrentProcess

• 0x407078 UnhandledExceptionFilter

• 0x40707c FreeEnvironmentStringsA

• 0x407080 FreeEnvironmentStringsW

• 0x407084 WideCharToMultiByte

• 0x407088 GetEnvironmentStringsA

• 0x40708c GetEnvironmentStringsW

• 0x407090 SetHandleCount

• 0x407094 GetStdHandle

• 0x407098 GetFileType

• 0x40709c RtlUnwind

• 0x4070a0 SetStdHandle

• 0x4070a4 FlushFileBuffers

• 0x4070a8 CreateFileA

• 0x4070ac SetFilePointer

• 0x4070b0 GetCPInfo

• 0x4070b4 GetACP

• 0x4070b8 GetOEMCP

• 0x4070bc GetProcAddress

• 0x4070c0 LoadLibraryA

• 0x4070c4 SetEndOfFile

• 0x4070c8 MultiByteToWideChar

• 0x4070cc LCMapStringA

• 0x4070d0 LCMapStringW

• 0x4070d4 CreateDirectoryA

Library USER32.dll:

• 0x4070dc MessageBoxA

L!This program cannot be run in DOS mode.
/<kRkRkR
^iRYjR\gRXWR
AlRkS\RDiRTjRRichkR
GlFCfAHi
iqsNyMnI
.adata
Shared
20|ojBh@FToo
m^pQePh
xh0]}'
^6{$4TE'
@#04r6;
mnsOIU
63)o (a
Z"{e1G2
bHv$=|
SkDr3Ot8"kD
Q# 2Vw
c~l!h,@
aMvQLc[}
KI.\ ]A
0aYW,)G_
B,^ 661
G`,l\g
58vk[^w
]Xe'=M6
[Bl_2C
^qd_EH,+
.W/nM%uA
<]l`.-
>H!I-?^
hRABWf
3-`UiL
+*9}wd
a1~@B8
b/##g"R
O!)b'nJ
O%ah\l
9(@N$'4<9
5[{5p*04^.W7P[XF
:wt4>"+
tA+gv2S
n7n#fB
rWu;m{6e')~c>
[44YuyUt
l3+B5r
+;r>)V]
P Yt.EKxY
 Cc;e+t
.+PSS#=+t67)
W<:on.
fX35_[
xY `4-u
MU+U9U}wE
tAt2t$
YYUQSVW}
+;r>})E
UQSVW}
t6t7)E
YY^54@
Yu3Vt$
PUSVWu
_^H[]Ujhp@
j?UIZ;
r;]uy;
;uY;]s
pD#U#ue
j #M_|
]#\D\D
VW3;u0DP
_^[SUVW|$
_^][Vt$
3^SVt$
>+~&WPv
YSVW33395 @
_^[UQQSV5@
rt`+tE
rbtHHt.
u@u;@S9]u.E
SUV333;W~]
;|?4$j 
_^][USVu
_^[UWVu
DDDDDDDDDDDDDD
It.ht lt
HHtpHHtl
YAE t!E@E
t;ERPWVEUe
~;E]xf
YY~2MQu
E_^[S?@
KVW~&|$
X_[^3^
YtF>"u
< v^S39
PY;5l@
8t9UW
YE?=t"Uq;Y
EYW6tY
8u]5(@
[UQQS39
EPEPSSWM
YEPEPE
@"t)t%
F8"uF@C
@C8"u,
VW333;u3
SS@SSPVSSD$4
;t2U>;YD$
t#SSUPt$$VSS
;t<8t
u+@UY;u
3_^][YY
DSUVWh
_^][DUSVWUj
t.;t$$t(4v
VC20XC00U
]_^[]UL$
PYY\WP\@Y<v)\P\;j
P5`WP8`h
P6VYP6j
DDDDDDDDDDDDDD
SVW33@@
<1u6=@
t78t2=@
^#+t-Ht!Ht
5t.;t*;t
VuEPuuu
90tr0B=@
@;vAA9
 t7SWU
BBBu_[j
VPVPV5
@AA;rI3
VWuBht@
;tg5p@
tPhlt@
_^[3L$
GIt%t)
Gt/KuD$
GKu[^D$
[^_SVt$
S>Yu+Vj
_^[3VWj
3^95 @
YY@}>j
8YUjht@
SVWe39=
"WWSht@
M]9}tfSuu
tMWWSuu
Mu;tVSuuu
3;u>EPj
EPVht@
E;tc]<
euWSV[
e33M;t)uVu
PKY3UQ
 ;t8WY;YEt*j
`h````
ppxxxx
(null)
runtime error 
TLOSS error
SING error
DOMAIN error
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
abnormal program termination
- not enough space for environment
- not enough space for arguments
- floating point not loaded
Microsoft Visual C++ Runtime Library
Runtime Error!
Program: 
<program name unknown>
GetLastActivePopup
GetActiveWindow
MessageBoxA
user32.dll
Winamp 5.0 (full version).exe
Winamp 3 (full version).exe
Winamp 3.5 (full version).exe
Update Photoshop 7.0 to Photoshop 9.16 (Its Work!).exe
Update Photoshop 8.0 to Photoshop 9.5 (Its Work!).exe
WinAce 3.85 (with Serial).exe
Download Accelerator Plus (DAP) (full version with serial).exe
RealOne Player (Full version).exe
BsPlayer v3.exe
WinRar v6.11 (with crack).exe
WinRar 4 (with crack).exe
ContaWin 2000 (full version).exe
WinZip 9.exe
DivX 7.2 freeware.exe
3D Studio R8 (It's Work!!).exe
VirtualDub 2.1.4.exe
MSN messenger 6.3.exe
Hacha Profesional Edition.exe
Simpsons pack guiones (Temporada 2004).exe
Mazinkaiser pack fondos de escritorio.exe
Mazinkaiser comics pack.exe
Juegos JAVA para NOKIA.exe
Capitulos ineditos de DragonBall Z jamas emitidos.exe
Pack Tonos y Logos para Nokia.exe
Nero 7.5.1.0 (cracked!).exe
Pack Photoshop CS 8 plugins.exe
3D Movie Maker.exe
Silent Hill.exe
PSEmu.exe
RM2GBA.exe
WAV2MP3.exe
GBAEmu.exe
GameCube Emulator.exe
Pack 50 Juegos PS2.exe
Pack 25 Juegos GameCube.exe
Resident Evil for GameCube.exe
Visual Basic 6.exe
Visual C.exe
Visual Studio (full).exe
mugen (full).exe
Fuck my fat ass.avi.exe
German extreme violation.mpg.exe
Sexo con una menor.exe
Pedofilia pack 37 pics.exe
Follada brutal coo roto.exe
Lolita Pack 20 Pics.exe
Puta come mierda.exe
Solo para Maricas.exe
No lo Descargues.exe
Dont Download.exe
humor.exe
Dont Touch.exe
Hentai.exe
Matrix Wallpapers.exe
Terminator 3 Wallpapers.exe
Hentai Evangelion Poker.exe
Shinchan screen saver.scr
Hentai Shizuka clit.exe
a pelo.exe
Chenoa en cueros.exe
WinAmp skings and plugins.exe
FlashGet Max acceleration (Experimental).exe
VMIntel386.exe
C:\Gusanillo QueBonito@Compartir.es
Hola tio! soy el gusanillo
como va eso?
Error in zip file
El archivo tiene un formato desconocido o est daado
Zip message
El archivo zip no ha podido ser abierto
probablemente este daado
SOFTWARE\Microsoft\Windows\CurrentVersion\Run
 256mb 32bit
VMIntel386
/Intelx386
/VMIntel386.exe
Pack sex very hot nude young girl porn erotic private pussy rape clitoris suck chicas fotos culos tetas coos mamadas corridas sister hermana amigas friends lesbianas mujeres desnudas putas guarras hentai.exe
EMULE.EXE
config/shareddir.dat
012345: :
SOFTWARE\Kazaa\LocalContent
012345:%s
DisableSharing
SOFTWARE\Kazaa\UserDetails
QueBonito@Compartir.es
012345: :
SOFTWARE\IMesh\Client\LocalContent
012345:%s
DisableSharing
SOFTWARE\IMesh\Client\UserDetails
QueBonito@Compartir.es
FindClose
FindNextFileA
GetModuleHandleA
GetStringTypeW
GetStringTypeA
GetModuleFileNameA
GetWindowsDirectoryA
FindFirstFileA
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetLastError
CloseHandle
WriteFile
ReadFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
SetStdHandle
FlushFileBuffers
CreateFileA
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
CreateDirectoryA
RegSetValueExA
RegCloseKey
RegOpenKeyA
MessageBoxA
`.rdata
@.data
uFWP[Sh0Wy
w< s.UUH$<
ogtfSLaj
Sm!eE,\M
}tVdgEkt
B/u>C1
VI`40 I
3P3<PcY4
d4S,A b
nVtc<kaB|Vj
g:)IV_j
sZ?ML}T
Fnav0p`S
L 8WKC
[t*,WPB
,:iiHVftiM,
x"8Pj4M4|4M
.>Tdw4
P, (8PX
)ww?(null
runtime error 
- Kabloto iniValiz
|'7not=
spac#f{lowi8)a
on76std5pur+viokrtu!3c# c
b('4__*kex\/X
_N19opeX1s
desc+8!
#7mvmtha
4dpkma.
p@gram Jm6-
A*+0.}
+8argu(s
_`+fnng
VisC++ RLib
<%,klwlwn>
GetLa2A
Wd&essageBoxA3s%32.d*"g&
vXKKb}IO
Y@#EXE
COMI+RyAR
ISORRG,v1CD
MTDI5@RL
SUmWkm
TGTJm{TnW|3
OG6An|
ASN@VOOAU@
6AI"RMI
KSTJ}?k+
9vVdXVKDOTXTcD"naRT
jamp 5.0 (f 
vers).exe
L4C3AAv
l|n&Dpde Photo
9.16_Its Work!]A
Ace8)wB[5 S
(A#:&& IJl>!
Pluu(DAP)$
RaA6}1
cckcM%~
CtaH 200
2 freeweLZ
3DTtuqR8
xh=SbDub8
.4OBjM mengx
Hharofe
azkaiQLHFfDdh[? KqI'
 NOKIAX
lnapFe[;3MDLYnBaC-pZ jpa
 jK9^mPk
T/;y LoV
okhcaON
o5_0Z$r
sGvr9/MovB
c i[.H
7".\Emu<
H,2MPoA
Ce Il3
l!H5^7b2D<"
]d!Ehl"
JqJc 6[H80,
CG`a6t
Zjmoi^
mrotoE
m[LCi< 6
SPhPx~N?a
f87SoQMn
$ADDQXGeB
8]hum=T
(/htixO&perVQ
CSh]:s-ee
roZ'84Ags-4(
xim0pk7
_MI#838
rb[:\Gu
NQ^B4h@Cts!3H? 
B!Fo g9
FivoE*L0
-m-nSM5qc oE[t9a
_d7{abO
eO~eSOFT
8$\ys\#AZ1V
:R+6mb(2[t
6Suyoig
Oolrnk
ahphs-ld
EMULE.
QXg/;d?DSdaG+012345:J
Kazaa\\P
[y?yv!
w#?@~/
^__j2/``
U%QdTUU2"
StTypeW
*1ANam
soryAj
Ayce*)upInfoR
n<mLinc
Pr7OEDee
~n&Re{
Wrh0[h
UnhCnnmd
pt<te`d
ToMBy!les,
6h'Buff
}r/Load&JdOfp
exHP[`e
.r0%!V
XPTPSWXaD$j
33333330
{{{{{{{3
{{{{{{{33
{{{{{{{330
{{{{{{{330
{{{{{{{330
3333333
33?030
33333333
wwwwwwwwwww
DDDDDD@
DDDDDDGpw
DDDDDDGpw
DDDDDDDDDDD
wwwwwwwwwww
DDDpp@
ADVAPI32.dll
KERNEL32.DLL
USER32.dll
RegCloseKey
ExitProcess
GetProcAddress
LoadLibraryA
VirtualProtect
MessageBoxA
ADVAPI32.dll
kernel32.dll
USER32.dll
RegSetValueExA
RegCloseKey
RegOpenKeyA
FindClose
FindNextFileA
GetModuleHandleA
GetStringTypeW
GetStringTypeA
GetModuleFileNameA
GetWindowsDirectoryA
FindFirstFileA
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetLastError
CloseHandle
WriteFile
ReadFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsA
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
SetStdHandle
FlushFileBuffers
CreateFileA
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
CreateDirectoryA
MessageBoxA
(null)
         (((((                  H
VS_VERSION_INFO
StringFileInfo
0c0a04b0
Comments
Microsoft
CompanyName
Microsoft
FileDescription
Microsoft
FileVersion
1, 0, 0, 1
InternalName
Microsoft
LegalCopyright
Copyright 
LegalTrademarks
Debido a que es un Gusano, no creo oportuno rellenar este cuadro. jejeje
OriginalFilename
Microsoft
PrivateBuild
Microsoft
ProductName
Microsoft
ProductVersion
1, 0, 0, 1
SpecialBuild
Microsoft
VarFileInfo
Translation

Process Tree

Hosts

IP
114.114.114.114
8.8.8.8

DNS

Name	Response	Post-Analysis Lookup
dns.msftncsi.com	A 131.107.255.255	131.107.255.255
dns.msftncsi.com		131.107.255.255

TCP

No TCP connections recorded.

UDP

Source	Source Port	Destination	Destination Port
192.168.56.101	53179	224.0.0.252	5355
192.168.56.101	49642	224.0.0.252	5355
192.168.56.101	137	192.168.56.255	137
192.168.56.101	61714	114.114.114.114	53
192.168.56.101	61714	8.8.8.8	53
192.168.56.101	56933	8.8.8.8	53
192.168.56.101	138	192.168.56.255	138
192.168.56.101	58485	114.114.114.114	53
192.168.56.101	58485	8.8.8.8	53

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Name	168b3a2da01476a9_hentai evangelion poker.exe
Filepath	C:\Windows\Intelx386\Hentai Evangelion Poker.exe
Size	5.6MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`ccee53cfc51263004ad81760cba4285e`
SHA1	`0947a30e724f12281d6b52a9ac4fe77adbd78660`
SHA256	`ee0b55b84b2e43d20223d8261d6b438f3e02d360b7bd56dc61c523a636475c49`
CRC32	`59447C4C`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	419236f6fc43bd44_hentai evangelion poker.exe
Filepath	C:\Windows\Intelx386\Hentai Evangelion Poker.exe
Size	4.4MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`de50696f5a67258da6c49c73c51cb4c1`
SHA1	`ebd32eab6589b7fcf8f4abffc11e19d274f607a9`
SHA256	`71df0676c9820a97375472af3fdf3cce0c9386907c89120481c75ff06ccca90e`
CRC32	`F4444D78`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	5135f48348372b60_hentai evangelion poker.exe
Filepath	C:\Windows\Intelx386\Hentai Evangelion Poker.exe
Size	6.4MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`751a151048929047508d5f7977c1f2af`
SHA1	`8d6ad05c4cdfd173b0962f47c11d272eafe97f81`
SHA256	`c861850d851843c7cfdd7205e0902253207e7f46227769dafb05e7ae452c2c97`
CRC32	`CEC87E85`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	e503ce87cab13dd0_winrar v6.11 (with crack).exe
Filepath	C:\Windows\Intelx386\WinRar v6.11 (with crack).exe
Size	8.6MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`bae8bb6d6b55838182570f8266beccfe`
SHA1	`8c24dad80a845dd14e64f9738eb0ef0f1cd75f05`
SHA256	`e503ce87cab13dd080f13a202b2b385580a332927d73b982c6992522a6b4192a`
CRC32	`75209703`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	98f2d3816f9cd3cf_sexo con una menor.exe
Filepath	C:\Windows\Intelx386\Sexo con una menor.exe
Size	6.9MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`277612ea5fbb8f64987440caa1f8f954`
SHA1	`35563c6f485a0a243ec627c513ceffdc8debb126`
SHA256	`98f2d3816f9cd3cfe192895f91e578c8c46dad0ffef6ff4cb0c9eb9befb4e544`
CRC32	`EC617CC4`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	afaeccec9cf811d2_dont download.exe
Filepath	C:\Windows\Intelx386\Dont Download.exe
Size	6.3MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`3f057d601fb589e214be66d35eb20479`
SHA1	`4873a7821bab87776a7a67502a8650f6212dedbb`
SHA256	`afaeccec9cf811d201d701ef3e2e533f6a9b578b25772ffa97e57370314774cf`
CRC32	`B6CA2BBA`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	1e3684be2cd5b5a3_pack tonos y logos para nokia.exe
Filepath	C:\Windows\Intelx386\Pack Tonos y Logos para Nokia.exe
Size	7.9MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`a070d3790e335e7dd09fa815c35f4c98`
SHA1	`90a087755887f284deeffabed27f09a78122ed3a`
SHA256	`1e3684be2cd5b5a39090a8434779c9224e0c63366b4e91748f6e8b4c36d069d3`
CRC32	`D9D9A6E5`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	e407e5bd6d94c346_terminator 3 wallpapers.exe
Filepath	C:\Windows\Intelx386\Terminator 3 Wallpapers.exe
Size	6.0MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`65a876f0565e4779e28266c3d0729690`
SHA1	`108234a80b0e5e500ac0b92bc27da9f53558afc3`
SHA256	`9c938523399ebda65b4b42b54e3003439f6e49020656d37a9fa9db484b28e5c7`
CRC32	`785724E3`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	6b6db0ff74c5085b_pack photoshop cs 8 plugins.exe
Filepath	C:\Windows\Intelx386\Pack Photoshop CS 8 plugins.exe
Size	9.9MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`3b95bf592e65b33d0c4d19ddfaef8fc7`
SHA1	`2e82716c095cb5b91b918b012e5e4388e9659ded`
SHA256	`6b6db0ff74c5085b07f800b6f0adcae316a329de04b43223635fc404b36b515b`
CRC32	`E5C41D2B`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	a14933cc8f50b4bd_pack 25 juegos gamecube.exe
Filepath	C:\Windows\Intelx386\Pack 25 Juegos GameCube.exe
Size	6.4MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`b1bf03bc6cc48d44c858d1261456e19e`
SHA1	`e06abcdd3371873e1613baf740a3bb6a7dafb12d`
SHA256	`a14933cc8f50b4bdab06fcf8b5a9aa2decaa47bff411b71f7fa559eb0ba2ff5f`
CRC32	`F755BE32`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	08778fc7e8c9d2f6_hentai.exe
Filepath	C:\Windows\Intelx386\Hentai.exe
Size	4.6MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`5d8a885da9d1c0c81db5f559dd56eb48`
SHA1	`d6c1154598a2b7c810930bb6c32f3cc3f7041fd7`
SHA256	`16b02543dfedd029bdc8ec5ae07a823a034a52a76aff5b590cb8550a69bf0d73`
CRC32	`F58B96FF`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	eee4a69f22a0a3bb_mugen (full).exe
Filepath	C:\Windows\Intelx386\mugen (full).exe
Size	6.3MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`1ec0fc3b7ba6f07ab59adca7bd117887`
SHA1	`d0fbd05ffd4c073e5cafae0a067eb8951016e4ac`
SHA256	`eee4a69f22a0a3bb705f810896ae57d578ba0bd4a322438acfa3e340516389f3`
CRC32	`36A13DDF`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	52f250c79c1cf9c8_terminator 3 wallpapers.exe
Filepath	C:\Windows\Intelx386\Terminator 3 Wallpapers.exe
Size	4.7MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`e120547ea57f9ca2a66c031e780fcbf3`
SHA1	`df20b8d55fdedb2d441efc67878b55bad2b853ea`
SHA256	`335ac34b7b05f259eb05b7465a4c6930afcf5eb7548a0b7a604d1552de66eb56`
CRC32	`98D9B11A`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	d2ff55965a3eaa16_virtualdub 2.1.4.exe
Filepath	C:\Windows\Intelx386\VirtualDub 2.1.4.exe
Size	8.6MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`a5f1c9e927e3c4d0f1fe4684a70029ca`
SHA1	`d7afe4a5af485078297ae10a534edb4b9f66429f`
SHA256	`d2ff55965a3eaa16cc876d963efc5b47007cbd4496447b6e45c62cf71a94a015`
CRC32	`27E70459`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	d878bbd08add12a2_no lo descargues.exe
Filepath	C:\Windows\Intelx386\No lo Descargues.exe
Size	6.3MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`e4e6ea11f97dce18f8d07a337e081031`
SHA1	`0e0cfbad45fbdeefaa39e482d1a5800686dcbd32`
SHA256	`d878bbd08add12a20ef66c8aa72cec62311b3b0eb02bc2d885ff993eb5a14cc6`
CRC32	`D62EAD52`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	a9af8140f740521d_hentai evangelion poker.exe
Filepath	C:\Windows\Intelx386\Hentai Evangelion Poker.exe
Size	744.0KB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`614a6c09c6f434bbcf9c41d21c371f34`
SHA1	`de6aff03c95267128221decf32bd585aada99c31`
SHA256	`733fd22ffe6206d879653e656e2822c60318dd0ef3a3d7d0c56d217598a211e4`
CRC32	`2E14FE59`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	843c4aefbda6abb7_hentai evangelion poker.exe
Filepath	C:\Windows\Intelx386\Hentai Evangelion Poker.exe
Size	6.6MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`7d4a3546edaa9e5e7882e4268b90f1eb`
SHA1	`a324d4bfba5695238588125159d4a373cf95a266`
SHA256	`843c4aefbda6abb73774896ac2da7c9763868f200445efea75696524c69782de`
CRC32	`1617469F`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	7ae02d81cad5042b_winamp 5.0 (full version).exe
Filepath	C:\Windows\Intelx386\Winamp 5.0 (full version).exe
Size	9.6MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`ef025ec7e793970274e0729d888de95a`
SHA1	`bdcb6b423c9385cad81063457fe91ca3fc41b730`
SHA256	`7ae02d81cad5042b283faf05c386add8724372d2673e42c08d95aaa16c79382a`
CRC32	`685BE4FF`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	45dafaecaca7cc4b_puta come mierda.exe
Filepath	C:\Windows\Intelx386\Puta come mierda.exe
Size	6.3MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`23c259b60777bd58c972eab1f66ca680`
SHA1	`54c6babd60a1aff732ea072a8585c7dbcdf00b53`
SHA256	`45dafaecaca7cc4bf3d5175174b1cb8e77c96df64ba1a4683a59c2c71a92e927`
CRC32	`802DD63E`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	ab523ae86b927ac7_hentai evangelion poker.exe
Filepath	C:\Windows\Intelx386\Hentai Evangelion Poker.exe
Size	5.0MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`6d97047d719d195bfc93242306a75687`
SHA1	`dc04523b97014d1ce562ab36e5fa6cf686910c7d`
SHA256	`09ab4c264622451a88c2de26bf436541a46f0692e307657705a5bba52720b7db`
CRC32	`E381B205`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	24fcf5aa025fe858_hacha profesional edition.exe
Filepath	C:\Windows\Intelx386\Hacha Profesional Edition.exe
Size	6.8MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`11fde14b2273378787ef60bd658223f5`
SHA1	`aa50fde8ae179208bdf7216f3732913c705755d9`
SHA256	`24fcf5aa025fe8587a44de92b7c5ca112bc589451c883857f108adebc48a8496`
CRC32	`EA9939CE`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	ae3f76fec346ee6e_pack 50 juegos ps2.exe
Filepath	C:\Windows\Intelx386\Pack 50 Juegos PS2.exe
Size	6.4MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`2b7d79ebc147cc6cc2a3ff410a72d021`
SHA1	`08b4c251f53edd96f88cab63776f032f7f28fc65`
SHA256	`ae3f76fec346ee6ee06c961226c62655fcf40eda8c876bc944f59a7030c606ec`
CRC32	`352DCFE7`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	754140718e2e9dd9_matrix wallpapers.exe
Filepath	C:\Windows\Intelx386\Matrix Wallpapers.exe
Size	7.0MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`813dacb627cf279f08faf0752759273d`
SHA1	`523fe1dd73ab76f5f977c81c76e3838d8cbbd106`
SHA256	`754140718e2e9dd93abb33a6c8c10450cb8bebd52a7d26bad75d977b35577c40`
CRC32	`855E57B0`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	f21b867796223556_winamp 3.5 (full version).exe
Filepath	C:\Windows\Intelx386\Winamp 3.5 (full version).exe
Size	8.7MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`ba3e46601411ebf3951c962a74dccbe0`
SHA1	`3854a89e608781b789e71807529586989687634e`
SHA256	`f21b867796223556c6fb420a7ec54336fc98d10c9d9f069b6d917ed93d95abdd`
CRC32	`FE936773`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	8bdd5db84b4820bd_winamp 3 (full version).exe
Filepath	C:\Windows\Intelx386\Winamp 3 (full version).exe
Size	8.3MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`da68f279cca2980cb1067344b0ac37a2`
SHA1	`df76c7c7f54eeed39c7a0dc9dfa63a87269eadf8`
SHA256	`8bdd5db84b4820bdee1c19ce0a7fa0ef820d8dc09475451e847b7899a16e0bfe`
CRC32	`71460253`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	e2d0aaa0fc6da82f_hentai evangelion poker.exe
Filepath	C:\Windows\Intelx386\Hentai Evangelion Poker.exe
Size	1.2MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`0b9bdb8032e51456f2390c32a41d0d49`
SHA1	`1333288852494e85a93d1535d140ba7a5282b914`
SHA256	`c49231cc545afbdeb8c838ef2150ed9b863c8cc3495d3470aa294c2854c5545b`
CRC32	`130EA1F8`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	4c1578ada107f7ca_winzip 9.exe
Filepath	C:\Windows\Intelx386\WinZip 9.exe
Size	8.2MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`005a33e5bb178da3f0794a81dbb22b62`
SHA1	`fdd099aecc22af66b8ebdd28aeba8c778a3515ae`
SHA256	`4c1578ada107f7ca209a9b2aab7300d50f330b5ef58638d7f935e66bc2ab9855`
CRC32	`D68ED2AB`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	56b00c18820aa7f5_shinchan screen saver.scr
Filepath	C:\Windows\Intelx386\Shinchan screen saver.scr
Size	1.4MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`3ce3edcdab0b9b3beaa07c786926b7ed`
SHA1	`aa68b0434bc2ec2568180e8a2247d8cb4afcce2c`
SHA256	`c78b26e87a59dc3482548c3a7048dda1ae58f9bcb93fe5cbb42c6cd965d5bba2`
CRC32	`B8486D1B`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	44f27a7f9202d78a_humor.exe
Filepath	C:\Windows\Intelx386\humor.exe
Size	6.3MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`02a726977b5dde24c87cd0c04154fc58`
SHA1	`009c755681a616bb7215ad88425f4ee26462d6c2`
SHA256	`44f27a7f9202d78ad07255ebee8d7626caa9c84f001cffd722cb0e60af215d33`
CRC32	`C766EC80`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	a6c7daf3786c8ae8_update photoshop 7.0 to photoshop 9.16 (it磗 work!).exe
Filepath	C:\Windows\Intelx386\Update Photoshop 7.0 to Photoshop 9.16 (It磗 Work!).exe
Size	7.9MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`fb49602b2fdc585ff5f974b8a7331179`
SHA1	`7aef925ffe028386601eb160b7954349ff208010`
SHA256	`a6c7daf3786c8ae89e90cb7ac014245e992729e110f59f35dd4a840719496be4`
CRC32	`723D8DE5`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	513bb9a595206d5d_3d movie maker.exe
Filepath	C:\Windows\Intelx386\3D Movie Maker.exe
Size	6.4MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`1a01c7a839646a307aeb42338abec3a0`
SHA1	`1d5007bdb0fa7d430d1d4a4576e8be9e25e239f7`
SHA256	`513bb9a595206d5d8d7e53fa087ecdad31175de89ba6306448863d8ed5048cdb`
CRC32	`063B83FB`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	23d0926a746fbf33_realone player (full version).exe
Filepath	C:\Windows\Intelx386\RealOne Player (Full version).exe
Size	7.5MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`33c4bbb01fb46f6d4d30ae10be26fd32`
SHA1	`c6870cb313097fff7fc75ec4bdb74fa9be3247f9`
SHA256	`23d0926a746fbf3364813d186c77d171355758b81c81214d70d2b9937d071317`
CRC32	`B3B8BAFF`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	297ad504c224c642_shinchan screen saver.scr
Filepath	C:\Windows\Intelx386\Shinchan screen saver.scr
Size	1.8MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`f63ab6fda9484f2f6c5012892887dcff`
SHA1	`42d44f95e8b7235ab795521b78d462bb5315b01c`
SHA256	`0b7ba9ae3abc42f850014f71d26c179c68b7dc5e9fa0969ee77b86a3aa5a5252`
CRC32	`D3A9409F`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	3bc9903a32ccfe54_juegos java para nokia.exe
Filepath	C:\Windows\Intelx386\Juegos JAVA para NOKIA.exe
Size	7.0MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`409141a233e1fae3f61d43c797258839`
SHA1	`dd023f9c1c235e38c9fef77c5d0e714482743ad0`
SHA256	`3bc9903a32ccfe545183bf49e55e9c866f61686c9814e70947242614c213d27b`
CRC32	`3B616C3A`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	3ba1a384ff79cca6_hentai.exe
Filepath	C:\Windows\Intelx386\Hentai.exe
Size	3.8MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`152aa61c750f466c03e164953c6cbf47`
SHA1	`cb229aeaebd9c4450dcd9870fa5c8232230461ea`
SHA256	`8f4cd3015d188bdb2546fd70762ac4a3feba540a3dddb1530ec7e6f7a2f9ca5f`
CRC32	`09DA7C9A`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	6a224cb39effeb52_update photoshop 8.0 to photoshop 9.5 (it磗 work!).exe
Filepath	C:\Windows\Intelx386\Update Photoshop 8.0 to Photoshop 9.5 (It磗 Work!).exe
Size	8.1MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`fa66c10914994ad4885f9c834c64ef7d`
SHA1	`55ae7d792bf0c51cff7f49ed63193d1dfbe92513`
SHA256	`6a224cb39effeb52bd546bc6b41a6953a4c681207a5ed596ce84f5911ff187fa`
CRC32	`29D8537E`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	f27987cdf0b8a094_gbaemu.exe
Filepath	C:\Windows\Intelx386\GBAEmu.exe
Size	6.4MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`f190809c3c73ed8f1b5e76ced974ccee`
SHA1	`eb92b5a3c43d23b90b0a4cddbc891d95bb4ec8af`
SHA256	`f27987cdf0b8a09415210b1e7174d6809d6d406ed4b44103e0e666a708d1c28a`
CRC32	`99249CF5`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	a3b23e86ddfd6146_terminator 3 wallpapers.exe
Filepath	C:\Windows\Intelx386\Terminator 3 Wallpapers.exe
Size	2.1MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`16267175c34784cb83cd1fb7b0f101be`
SHA1	`9ee9df1578568b0d637ffeaa4a27ecf4fb1d3d08`
SHA256	`25271c9d43edebd2045825a8d9fcde03cdc54aa845bcb5b50423a215a92c6cbc`
CRC32	`5AE9BB23`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	49cd6375a589fa9e_terminator 3 wallpapers.exe
Filepath	C:\Windows\Intelx386\Terminator 3 Wallpapers.exe
Size	660.0KB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`3c271c0b4c00dd32fac57fba3e584e56`
SHA1	`ab98f015623ef4d4687f0535784c3bdc1084b6fb`
SHA256	`7a113c236cbee0707a2829d82ba57961865af43925b055e8997f2b3ba0938674`
CRC32	`146A6146`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	91c278e43bce14a3_hentai evangelion poker.exe
Filepath	C:\Windows\Intelx386\Hentai Evangelion Poker.exe
Size	228.0KB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`d3bfe26a5ba691e4fb3ca19bc2767155`
SHA1	`919ce1a1fdde22c650d02d711b8b5a7b4f30f1df`
SHA256	`f9e73c5ad697828dc4f984c319c6b0557de7d5d63cfc734aad9226dc01e8c9d0`
CRC32	`9831C264`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	d644ed89c5146cba_mazinkaiser comics pack.exe
Filepath	C:\Windows\Intelx386\Mazinkaiser comics pack.exe
Size	6.6MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`1de40b8343dd7e165baa711a32b8d59b`
SHA1	`130b13fdd42da2b101ce8713e85524624d44a1b4`
SHA256	`d644ed89c5146cbae505b292348d72f0fc27cf2d953cb6d26359ddd3a2376ade`
CRC32	`A08FDC08`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	88bd519bd790b1ae_german extreme violation.mpg.exe
Filepath	C:\Windows\Intelx386\German extreme violation.mpg.exe
Size	6.3MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`2c2de28dc778c659d907b9ba5ae1aec3`
SHA1	`370593f59bc748c68e24b8e05d3293bad6f4b72c`
SHA256	`88bd519bd790b1aebf55a1d4e48cc6747556a9ed351468c760e92e0aeb4ed8f7`
CRC32	`E55B6338`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	adc23ad1eb6d2357_visual c.exe
Filepath	C:\Windows\Intelx386\Visual C.exe
Size	6.3MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`038a0fd2a2331dce32824627fe9678ee`
SHA1	`1c7872bdc5f22795213e03cbc85b2345ee349405`
SHA256	`adc23ad1eb6d2357b265bb3b4504d5f340ac1a6ba84ae0f62059bf1a7195469b`
CRC32	`18FEF152`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	70a63e4082ee3bc2_shinchan screen saver.scr
Filepath	C:\Windows\Intelx386\Shinchan screen saver.scr
Size	644.0KB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`da99102b33db4a5cb669af3309fd8623`
SHA1	`98c4d1abf28a782b702527e986eee311fc96ae3b`
SHA256	`b12bf01dde34f64fa422260b1e2a435e0b20562f9db1d0f2237182da0ba3b000`
CRC32	`B97E748C`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	1e6d2334419d5873_msn messenger 6.3.exe
Filepath	C:\Windows\Intelx386\MSN messenger 6.3.exe
Size	8.2MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`aa7f1fbe1d01599940853b182372e33f`
SHA1	`f92330cab28bbb2120c38e80e533bbe704e189d4`
SHA256	`1e6d2334419d5873700f052a64c1e1eaf1c256549968523f6c9d06b1646f8dd1`
CRC32	`7A36F97C`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	37581dd862f1a06c_fuck my fat ass.avi.exe
Filepath	C:\Windows\Intelx386\Fuck my fat ass.avi.exe
Size	6.3MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`08df5d1ee291ccf62872d7a41860b75a`
SHA1	`525e3bebbcd8d43bf7f4a68859dcd134bcafbc5e`
SHA256	`37581dd862f1a06cb46c90720ecb916f6f6d5f0061c789dc0df2c6aa1e51e771`
CRC32	`02B1AE9F`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	c3968e762e13868d_nero 7.5.1.0 (cracked!).exe
Filepath	C:\Windows\Intelx386\Nero 7.5.1.0 (cracked!).exe
Size	12.5MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`340da292143e3ff9f2400166500435a9`
SHA1	`e783cb7c566757cbfaaf61c00aeab2ed04122bbc`
SHA256	`c3968e762e13868d99159673389e74bd6dc3f87f51b3200fc695fa7cdb95a8f0`
CRC32	`7541AAA4`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	aa524c1d5097007c_simpsons pack guiones (temporada 2004).exe
Filepath	C:\Windows\Intelx386\Simpsons pack guiones (Temporada 2004).exe
Size	6.8MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`19dd73557ed2a3d7db8217aa159a2ea9`
SHA1	`4e372ab12058539e9a5670186bfa41bb647d2a01`
SHA256	`aa524c1d5097007c0b53de5ad82f1ada150cd2f79263a0612e89e5ecbcde9101`
CRC32	`FB9C4118`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	1f5f32d2ace93100_hentai evangelion poker.exe
Filepath	C:\Windows\Intelx386\Hentai Evangelion Poker.exe
Size	2.0MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`d5a85c309c66f337e381018de02b7014`
SHA1	`f8c7844825bf2b4cb68f066ee2e8cecb93b149fc`
SHA256	`2af4b598eeea4692327d0b578c4082edfe0dba0249fd270387f9f8966b312609`
CRC32	`8D29D626`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	01f30b7a034254b6_terminator 3 wallpapers.exe
Filepath	C:\Windows\Intelx386\Terminator 3 Wallpapers.exe
Size	1.4MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`46647a74de6d290a0cdf592c8fc1dc76`
SHA1	`6171ffdc25a2ca3947274c6707ab1e05ba22a2d9`
SHA256	`122f705e8ecceea82ab0f395d8785d0a60dab1f8def82a3bda4992f02b2b9436`
CRC32	`9E8262BF`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	a0c186c50a20783c_mazinkaiser pack fondos de escritorio.exe
Filepath	C:\Windows\Intelx386\Mazinkaiser pack fondos de escritorio.exe
Size	6.7MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`0106e7c706053d8a87d828dd769b5579`
SHA1	`612c5c7c1608b5ec0e5cc2de7a628acfcef08a56`
SHA256	`a0c186c50a20783c2e677b3000806c09c77ce894fea5be913b3d590cf77c7a84`
CRC32	`AF1FEFF8`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	6d9e451c69a47048_visual basic 6.exe
Filepath	C:\Windows\Intelx386\Visual Basic 6.exe
Size	6.3MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`966345bbf026fa520712382b08721356`
SHA1	`63d1b2b9f665bde46a7a1f6794be2a710d99c8de`
SHA256	`6d9e451c69a470486059f95c6424643304bd8492571888dd27d3949aa8afd4d5`
CRC32	`0D56A10F`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	c6bbb4765fb6873c_hentai evangelion poker.exe
Filepath	C:\Windows\Intelx386\Hentai Evangelion Poker.exe
Size	2.9MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`8f3997ea3403de649d63b17bd8585f97`
SHA1	`c3f840450414864fb29a03edfa678f519ba2e0e6`
SHA256	`752fab57f238b602a97005b395187cc075ea3c85784297def39879ce63ac764d`
CRC32	`8F20C7C2`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	3505bd9a07498b66_shinchan screen saver.scr
Filepath	C:\Windows\Intelx386\Shinchan screen saver.scr
Size	2.9MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`3c8b95364afc5784f239d49226a7bd32`
SHA1	`d28fa4d16b1ebb4d3219465ade1b3657cfa1174b`
SHA256	`933e985614cfa026a7f856c6e18754446f62160a839126bcd275c8e5b535cd53`
CRC32	`91C19184`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	b1d4c69d1a25a25c_divx 7.2 freeware.exe
Filepath	C:\Windows\Intelx386\DivX 7.2 freeware.exe
Size	7.2MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`895236f5550793861de614e6b951b19c`
SHA1	`a34283c85792924b4a80d911bf0d2c481ae9a1ea`
SHA256	`b1d4c69d1a25a25c201a779223e6fc5c2595d9797100af68e9be048cdfe27e9e`
CRC32	`F0089A22`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	8b78884ab0ccf7fc_terminator 3 wallpapers.exe
Filepath	C:\Windows\Intelx386\Terminator 3 Wallpapers.exe
Size	3.1MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`8bfe11edbb30ddf4333b7183b6f1b910`
SHA1	`157f473e550095d5f6d23445ec1a5980edd501fe`
SHA256	`76f30f5bf6d06ae1add6615b583936413f0b77547bc41d97b69ef7ef2c39d12f`
CRC32	`1D708948`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	bd3c353ca9f41397_gamecube emulator.exe
Filepath	C:\Windows\Intelx386\GameCube Emulator.exe
Size	6.3MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`9800340c33eab4e163eec349d2f3e73f`
SHA1	`9388b2a557cedf3656f87470ea0ad38cee7a2d47`
SHA256	`bd3c353ca9f413973f1a580d7ad0a3e083df27482495afd85b69a47e1141b49e`
CRC32	`117FE0B1`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	84af56e8dab64a69_dont touch.exe
Filepath	C:\Windows\Intelx386\Dont Touch.exe
Size	6.3MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`21efad408f3d7f646f1fc6b2364ce999`
SHA1	`4abe02104d9b877db714a1e3f941e4cebd22c22b`
SHA256	`84af56e8dab64a69068d00ca3c6d1448850c328f2cbac20b25f4d76d075bc89a`
CRC32	`CDFE2DA4`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	0b03f2164a78ac19_silent hill.exe
Filepath	C:\Windows\Intelx386\Silent Hill.exe
Size	6.4MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`81562d23ff26588bcd02047a515c8f6c`
SHA1	`1272c369e815a1252387f23a0e3f572bc6c82f80`
SHA256	`0b03f2164a78ac1904da4ebd1afb154e9a57e8fc69dccc8d57b8877e846246a7`
CRC32	`3A77D2C5`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	654db2851089475b_rm2gba.exe
Filepath	C:\Windows\Intelx386\RM2GBA.exe
Size	6.3MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`4cdd42817f5b1c5e57d108e0112f1860`
SHA1	`91c671b5d3e87c1aa9ba393501f167756c20c599`
SHA256	`654db2851089475bfa1e510240061352bc69ac1cd176a17389da0ed95673ca02`
CRC32	`D11714A3`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	f0fb8af8a98ac993_terminator 3 wallpapers.exe
Filepath	C:\Windows\Intelx386\Terminator 3 Wallpapers.exe
Size	3.9MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`0f9bff5e04a31b2f9f391c967f6af239`
SHA1	`06d05ed4df1e1e768cdc67a059acdb49a5cf7ebb`
SHA256	`58ac46aa45d7a0b397cf369da57d364bc71326101560bb775b049b2bc0a325f6`
CRC32	`99ECC304`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	222a14712ac99527_hentai evangelion poker.exe
Filepath	C:\Windows\Intelx386\Hentai Evangelion Poker.exe
Size	3.6MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`8c9f4f532ac4ac9e7090423c39dae5b9`
SHA1	`e659e629d37a212300dd91a453526214ede8458d`
SHA256	`638260d02c257612413a0cd7ea9a4060b60a7d57eece6f887e87942c4ab168b6`
CRC32	`D25FB1B4`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	d1c741aa11688459_winace 3.85 (with serial).exe
Filepath	C:\Windows\Intelx386\WinAce 3.85 (with Serial).exe
Size	10.0MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`a7c47e8d4ba5f716928ae3f2882dd42f`
SHA1	`ff2e4f09abae5b3adde9124733ea7639e63485e2`
SHA256	`d1c741aa116884591110c4c52dffe98f3dd4698d4f8224397dd98b4630edf1c3`
CRC32	`1DA49209`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	80550b1f051c9376_terminator 3 wallpapers.exe
Filepath	C:\Windows\Intelx386\Terminator 3 Wallpapers.exe
Size	5.3MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`497323f0228f3fe9ce9457ca24727974`
SHA1	`0acd10cc182aea3bb5b4bc4e0be59d1752c2271f`
SHA256	`8bb4dc56ec2c3465b98e6ce7bf39758fe04f357ceb4f1cc97085f02795b7a611`
CRC32	`6C955014`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	c008aeedcd6b37ea_visual studio (full).exe
Filepath	C:\Windows\Intelx386\Visual Studio (full).exe
Size	6.3MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`478136014a96a0d4b3cc26b90b780619`
SHA1	`39593868523ebc7fe782c56d3c18eb6800015d39`
SHA256	`c008aeedcd6b37eaa2daa1a427ebc3db8f2e535d51c3289f3be344f1dda8289a`
CRC32	`EB593055`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	5bcbe1699bc216e3_download accelerator plus (dap) (full version with serial).exe
Filepath	C:\Windows\Intelx386\Download Accelerator Plus (DAP) (full version with serial).exe
Size	7.5MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`ddb61b05502449ff7575e4d47e69c534`
SHA1	`c0cf20fef68cdca47f9199b9702ee88118efb6b3`
SHA256	`5bcbe1699bc216e343cae5df0c9cd88e0131b091f47b67fed6cf34491dfeec2b`
CRC32	`6CBFAC42`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	418e60f9075f8607_solo para maricas.exe
Filepath	C:\Windows\Intelx386\Solo para Maricas.exe
Size	6.3MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`ca939a2c96b3d776c93fe8252463229d`
SHA1	`f73a7d846ef7dc27044e961eb891aa539e836b9d`
SHA256	`418e60f9075f8607dbb9651464bf6661e37ea17c641df7c14e808a8b92b30521`
CRC32	`968233C8`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	14eb43449bfc05df_pedofilia pack 37 pics.exe
Filepath	C:\Windows\Intelx386\Pedofilia pack 37 pics.exe
Size	7.2MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`680a9dfb39826f9fbb8f774d83c9ade2`
SHA1	`85b950dff666501b34f976816a68ca40e7fb83c8`
SHA256	`14eb43449bfc05df5ea204a7f7c452299d8934282ab641ed7934b9c24529f89c`
CRC32	`7EF5E592`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	4f7795566fc72ddf_capitulos ineditos de dragonball z jamas emitidos.exe
Filepath	C:\Windows\Intelx386\Capitulos ineditos de DragonBall Z jamas emitidos.exe
Size	11.2MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`8bedc2dd3a9a40971d5e71d55339543a`
SHA1	`1f57b4585cf800d90fedd747a531cc182a6211e0`
SHA256	`4f7795566fc72ddf4a2306c1a1f68bc7f7b4e10f218bd7360758fa65bcdd5981`
CRC32	`CAD9F935`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	1b746161638b38e3_hentai.exe
Filepath	C:\Windows\Intelx386\Hentai.exe
Size	5.3MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`ea487e66f0b45e3bc0cc0fce5f90a7f6`
SHA1	`924396c33ce103a126cc360d858ccaa9460308b8`
SHA256	`690b827294bbb6666184b53d16ea297c2e47bafe368fd0a31d12724a87b21812`
CRC32	`B069E3A0`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	b71b02e891c0f231_follada brutal co駉 roto.exe
Filepath	C:\Windows\Intelx386\Follada brutal co駉 roto.exe
Size	9.6MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`aff1ec4efd2b83d3b90cd014179d9890`
SHA1	`5ceef19d1de9960ce01c5292a5f52c9e10ce4fe7`
SHA256	`b71b02e891c0f231cd9b55ae3dea96981b618295bca7e88613f01da14b20a1ad`
CRC32	`1798CF4F`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	aad2e8e65cb089a5_3d studio r8 (it's work!!).exe
Filepath	C:\Windows\Intelx386\3D Studio R8 (It's Work!!).exe
Size	15.0MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`deffcb3d139a074cba9b9228b4fa066c`
SHA1	`2ea14a2fdf86536d7ef97d05f4bb53ea9cff3ca4`
SHA256	`aad2e8e65cb089a5c5f270d4dea037c69e7a3def46d2ac896396cbbd3c34f50a`
CRC32	`9E94A925`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	ff448a81ac05fc0e_contawin 2000 (full version).exe
Filepath	C:\Windows\Intelx386\ContaWin 2000 (full version).exe
Size	7.4MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`db1a6346cb3182dbba1915754da151ad`
SHA1	`aa20f3f2e45c9c481d3960123c1aed0fb0109a09`
SHA256	`ff448a81ac05fc0ef9e1af254f75e8504596d396a724cb6546ec1922c37c93e3`
CRC32	`0135120A`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	4a1b9bc70044b5ca_terminator 3 wallpapers.exe
Filepath	C:\Windows\Intelx386\Terminator 3 Wallpapers.exe
Size	6.6MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`fa4992363a45e5129e6df5cbfea2a8ed`
SHA1	`26a523deca886f79ddc04fab889d9d543da355ea`
SHA256	`4a1b9bc70044b5ca2897165bba428b8ee5b78af4219e5ea25b56de5b56ea67e4`
CRC32	`5F9E847F`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	1dc5561ef0bff77c_hentai.exe
Filepath	C:\Windows\Intelx386\Hentai.exe
Size	5.9MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`e4e8d7e16a00ef46aa0120207954deb6`
SHA1	`607b761654f2ba460688b6b31eace8fd25d518c5`
SHA256	`af5159f3148d00961da116e32f1b3928f3b6d0e9eccff7d7f32e2482a51a5ae0`
CRC32	`0A864A85`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	e62e7920fffe5a76_hentai.exe
Filepath	C:\Windows\Intelx386\Hentai.exe
Size	6.3MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`734624cea0f51136bbf9049d8340bdb2`
SHA1	`610b1c3e3082da3836a8e463ddf775c29f538dd3`
SHA256	`e62e7920fffe5a76387c62f0c7cbfb9aa8407fc7aacd3ddf2f1b81e549fcbd67`
CRC32	`BE439C96`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	6be7c14d078abaee_bsplayer v3.exe
Filepath	C:\Windows\Intelx386\BsPlayer v3.exe
Size	8.6MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`3b9c45a67cf123c41694578f41d15d5b`
SHA1	`1f8a9ff8c81bcfb4b56e74286f03c26934e30076`
SHA256	`6be7c14d078abaeeefc79330655731cceb241db1160bcdcce5d73745f99e3eeb`
CRC32	`552FCD83`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	0e65dc2ef0593dde_wav2mp3.exe
Filepath	C:\Windows\Intelx386\WAV2MP3.exe
Size	6.3MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`0df5188a5889379114d471e1423e5dc5`
SHA1	`e06f770d76d6eb1e8d290ca3a58c3287c8a126db`
SHA256	`0e65dc2ef0593ddeb5922944d59f68c3e198a871b47cb04c40b9509456c59a62`
CRC32	`75178A98`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	07ff53eff0fc53e5_winrar 4 (with crack).exe
Filepath	C:\Windows\Intelx386\WinRar 4 (with crack).exe
Size	8.5MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`2b8ba9f1a711c7dea5d2172ad06944d3`
SHA1	`32dd0493c080a816ec24fa919cadcfe1075b156a`
SHA256	`07ff53eff0fc53e52d493e764aca7fe2e4fb43948f53e124c26176677e080c78`
CRC32	`5F9B2192`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	1af72f4d150440a4_psemu.exe
Filepath	C:\Windows\Intelx386\PSEmu.exe
Size	6.4MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`4cf69fd97d04304ef01091179d290901`
SHA1	`8323cf99a973490bfdc4600bd4a3a69ca998e689`
SHA256	`1af72f4d150440a448641aa999c4db6f363bb4d633b93f5c22de937e108e4b16`
CRC32	`1C1A774E`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	14a3d4d921c76fed_lolita pack 20 pics.exe
Filepath	C:\Windows\Intelx386\Lolita Pack 20 Pics.exe
Size	6.3MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`ccacf561eec6f927a01a8d220c4d6078`
SHA1	`69d802a1462762d2c3c31a165115cd00499e2f21`
SHA256	`14a3d4d921c76fede562c89195288961d5443856a48175b81c1702c4a1417c7f`
CRC32	`0720112A`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	92dde8c3d00c30ca_shinchan screen saver.scr
Filepath	C:\Windows\Intelx386\Shinchan screen saver.scr
Size	2.2MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`96c322939c8a118350e18e487c0c5b8b`
SHA1	`27027df8fc7bf9b11c15800acf483676c4e8c9c8`
SHA256	`0cad5953672f39f7a01e18da144a3f5764db5952fe93e5693ef30bf528a03b9d`
CRC32	`80AEE331`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	db960e0724bb421e_resident evil for gamecube.exe
Filepath	C:\Windows\Intelx386\Resident Evil for GameCube.exe
Size	6.4MB
Processes	2224 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`d14e08ed33bbdf540f874cdd6c1538e4`
SHA1	`3f516352e75f111284a367a9239a3575968bb746`
SHA256	`db960e0724bb421e3d5e7dfe1a0590fa31013d394f318fba7fdac68babd425d2`
CRC32	`D0EAE642`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Sorry! No dropped buffers.

ALYac	Gen:Variant.Zusy.310620
APEX	Malicious
AVG	Win32:SillyP2P-X [Wrm]
Acronis	suspicious
Ad-Aware	Gen:Variant.Zusy.310620
Alibaba	Worm:Win32/Small.c79bc00c
Antiy-AVL	Worm[P2P]/Win32.Small.p
Avast	Win32:SillyP2P-X [Wrm]
Avira	TR/Drop.Emuni.C
Baidu	Win32.Worm.Agent.bf
BitDefender	Gen:Variant.Zusy.310620
BitDefenderTheta	Gen:NN.ZexaF.34216.@F3@aSKNflT
Bkav	W32.AIDetectVM.malware1
CAT-QuickHeal	Worm.AgentRI.S9514316
ClamAV	Win.Worm.Hidprn-7191576-0
Comodo	P2PWorm.Win32.Small.P@32rtt9
CrowdStrike	win/malicious_confidence_100% (W)
Cybereason	malicious.bfc70a
Cylance	Unsafe
Cynet	Malicious (score: 100)
Cyren	W32/S-bc50cc43!Eldorado
DrWeb	Win32.HLLW.Xiquit
ESET-NOD32	Win32/Agent.NIQ
Elastic	malicious (high confidence)
F-Secure	Trojan.TR/Drop.Emuni.C
FireEye	Generic.mg.75011421585fce61
Fortinet	W32/Agent.NIQ!worm
GData	Win32.Worm.Agent.ASR
Ikarus	P2P-Worm.Win32.Small
Invincea	ML/PE-A + W32/VB-FFH
Jiangmin	Worm.Small.t
K7AntiVirus	Trojan ( 0000da801 )
K7GW	Trojan ( 0000da801 )
Kaspersky	P2P-Worm.Win32.Small.p
MAX	malware (ai score=88)
Malwarebytes	Trojan.Agent
MaxSecure	Worm.W32.Small.P
McAfee	W32/Xiquitir.ow!p2p
MicroWorld-eScan	Gen:Variant.Zusy.310620
Microsoft	Worm:Win32/Ymacco!rfn
NANO-Antivirus	Trojan.Win32.Small.femmss
Panda	W32/Xiquitir.B.worm
Qihoo-360	Worm.Win32.Small.B
Rising	Worm.Agent!1.9D8A (CLASSIC)
SUPERAntiSpyware	Trojan.Agent/Gen-MSFake[All]
Sangfor	Malware
SentinelOne	DFI - Suspicious PE
Sophos	W32/VB-FFH
Symantec	ML.Attribute.HighConfidence
TACHYON	Worm/W32.SillyP2P.Zen.C

section	GlFCfAHi
section	iqsNyMnI
section	seg1
section	.adata
section	_data
section	Shared

host	114.114.114.114
host	8.8.8.8