Posts

Showing posts from April, 2016

Malware Analysis Part 2: Using RemNux

Malware Analysis Part 2 - By Using Multiple Tools on Remnux Machine {Peframe, Pyew, Upx, Pescanner, ExeScan}
------------------------------------------------------------

remnux@remnux:~/Desktop/Labs/Chapter_1L$ peframe Lab01-02.exe

Short information
------------------------------------------------------------
File Name          Lab01-02.exe
File Size          3072 byte
Compile Time       2011-01-19 11:10:41
DLL                False
Sections           3
Hash MD5           8363436878404da0ae3e46991e355b83
Hash SHA-1         5a016facbcb77e2009a01ea5c67b39af209c3fcb
Imphash            096aa05b8a2e1f2dc66fc73a1a978a7b
Detected           Packer
Directory          Import

Packer matched [1]
------------------------------------------------------------
Packer             UPX -> www.upx.sourceforge.net

Suspicious API discovered [8]
------------------------------------------------------------
Function           CreateServiceA
Function           ExitP

Malware Analysis Part 1 : Basic Static Analysis

File Name: 64.exe, MD5 2241f43eca01bf059daada7a537d754b. The antivirus engines on VirusTotal.com identified this sample as malware when it was uploaded there.

Engine                Detection                           Signature date
AVG                   Generic11_c.LGF                     20140806
AVware                Trojan.Win32.Generic!BT             20140807
Ad-Aware              Dropped:Trojan.Generic.11321666     20140807
Agnitum               Trojan.Reconyc!                     20140806
AhnLab-V3             Trojan/Win32.Generic                20140806
AntiVir               TR/Agent.1986048.3                  20140807
Antiy-AVL             Trojan/Win32.Reconyc                20140806
Avast                 Win32:Malware-gen                   20140807
Baidu-International   Trojan.BAT.CoinMiner.bHN            20140806
BitDefender           Dropped:Trojan.Generic.11321666     20140807
Bkav                  HW32.InfFil.dmys                    20140806
CAT-QuickHeal         Trojan.Reconyc.g3                   20140806
CMC                   Packed.Win32.Zcrypt.3!O             20140806
Comodo                UnclassifiedMalware                 20140806
DrWeb