Tags: None

Analysis

Category: FILE
Started: 2013-10-02 12:22:43
Completed: 2013-10-02 12:23:00
Duration: 17 seconds

File Details

File Name: Sign&Account.zip
File Size: 625681 bytes
File Type: Zip archive data, at least v2.0 to extract
MD5: 182731da0e50940ff885fce07ea6adc1
SHA1: 547fa0975c955ad903080bb9bc208292842b166e
SHA256: 815868e05709432850fd27ca39ebcdbc874bb8bd31eb4c7b9f614c5e813866ee
SHA512: 53304080f1b7766c9eae95a8bbd0d47100d886887e9350a4586d61f92fa6035c440d5d29075cd1ced2db6024ed9fc9ccf573ed06fd87e2cad26cc8be4c17b7bf
CRC32: 465D322B
Ssdeep: 12288:6o/2mLUqFHfC4GJ19OXMdbQq6xB/I/AeZskL4NjLMFu0GIxXPupGQ3Ks8+iz3Z+:v//UE69O8d0qu/SAeCkUZGur0EF/RU3c
Yara: None matched

Signatures

File has been identified by at least one AntiVirus on VirusTotal as malicious

Hosts

No hosts contacted.

Domains

No domains contacted.


Summary

C:\DOCUME~1
C:\DOCUME~1\User
C:\DOCUME~1\User\LOCALS~1
C:\DOCUME~1\User\LOCALS~1\Temp
C:\DOCUME~1\User\LOCALS~1\Temp\Sign_Account.zip
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System
HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor
OOPS! No static analysis available, probably it's not a supported file format.
panel-.exe
Antivirus Signature
Bkav Clean
MicroWorld-eScan Clean
nProtect Clean
CAT-QuickHeal Clean
McAfee Clean
Malwarebytes Backdoor.Bot.AI
K7AntiVirus Clean
K7GW Clean
TheHacker Trojan/Spy.Zbot.yw
NANO-Antivirus Clean
F-Prot Clean
Norman Clean
TotalDefense Clean
TrendMicro-HouseCall Clean
Avast AutoIt:MalOb-CM [Trj]
ClamAV Clean
Kaspersky Trojan.Win32.Llac.dleq
BitDefender Clean
Agnitum Clean
ViRobot Clean
ByteHero Clean
Emsisoft Clean
Comodo Clean
F-Secure Clean
DrWeb Clean
VIPRE Clean
AntiVir Clean
TrendMicro Clean
McAfee-GW-Edition Clean
Sophos Clean
Jiangmin Clean
Panda Suspicious file
Antiy-AVL Clean
Kingsoft VIRUS_UNKNOWN
Microsoft Clean
SUPERAntiSpyware Clean
GData Clean
Commtouch Clean
AhnLab-V3 Trojan/Win32.Llac
VBA32 Trojan.Autoit.Paket
PCTools Clean
ESET-NOD32 Win32/Injector.Autoit.TK
Rising Clean
Ikarus Clean
Fortinet Clean
AVG Luhe.Fiha.A
Baidu-International Clean

  • cmd.exe 1088
cmd.exe, PID: 1088, Parent PID: 1824

HTTP Requests

No HTTP requests performed.

IRC Traffic

No IRC traffic.

SMTP Requests

No SMTP requests performed.

Sorry! No dropped files.