NovCon Minotaur Analysis System

Enter the MD5, SHA1 or SHA256 hash to search for:

Summary

Sections

Summary
FileType Stats
Identity Stats
Static Analysis
Screenshots
Origin Stats
Primary Domain Stats
Network Traffic
HTTP Requests
DNS Requests
Discussion

MD5:	4062ffeab173c0e0399a41c003cc0d16
SHA1:	b4fec3f6bf3d3f1b33f0d3aa25aaa8b19c36db24
SHA256:	36ac9d776ad1dad2b1ab4c3c057ee9bde1cb515e959c5749f52b2823bdd593f6
Date Submitted:	6/24/2012 7:53:12 PM
Malicious:	True
Executable:	True

Minotaur Sample ID

164113

FileType Statistics

FileType:

 42.3% (.EXE) Win32 Executable Generic (8527/13/3)
 37.6% (.DLL) Win32 Dynamic Link Library (generic) (7583/30/2)
  9.9% (.EXE) Generic Win/DOS Executable (2002/3)
  9.9% (.EXE) DOS Executable Generic (2000/1)
  0.1% (.VXD) VXD Driver (31/22)

Identity Statistics

Vendors Declaring Malicious:
TotalVendors:

VirusTotal Report:
http://www.virustotal.com/file/36ac9d776ad1dad2b1ab4c3c057ee9bde1cb515e959c5749f52b2823bdd593f6/analysis/

Malware Family Detections:

Trojan/Win32.Injector
TR/Spy.32256.194
Win32:BitCoinMiner-O [Trj]
Dropper.Generic6.ACER
Gen:Trojan.Heur.RP.bmGfaaujDmc
UnclassifiedMalware
BackDoor.Tdss.7916
W32/Inject.VM!tr
Win32.SuspectCrc
Trojan/Generic.ahsak
HEUR:Trojan.Win32.Generic
Artemis!4062FFEAB173
Heuristic.BehavesLike.Win32.ModifiedUPX.C
a variant of Win32/Injector.KZH
W32/Troj_Generic.CMPQO
Trojan.Gen
Suspicious
Troj/Inject-VM
Posible_Worm32
PAK_Generic.001
Trojan.Win32.Agent.32256.CK
Win32.SuspectCrc!IK
Trojan.Win32.Generic!BT

Static Analysis Data

Origin Statistics

URL ID	Date Added	URL	IP	Source
166515	6/24/2012 7:53:12 PM	http://www.lifeguarditalia.net/wp-content/themes/twentyeleven/images/left_bar.bmp	62.149.140.123	Clean-MX

Primary Domain Information

Level 3 (control)	62.149.140.123	Control
Google	62.149.140.123	ALLOWED
OpenDNS	62.149.140.123	ALLOWED
Norton	62.149.140.123	ALLOWED
Comodo	62.149.140.123	ALLOWED