not-a-virus:HEUR:Monitor.Win32.Ardamax.gen (Kaspersky), Gen:Variant.FAkeAlert.105 (B) (Emsisoft), Gen:Variant.FAkeAlert.105 (AdAware), SpyTool.Win32.Ardamax.FD, GenericEmailWorm.YR (Lavasoft MAS)
Behaviour: Worm, EmailWorm, Monitor, SpyTool
The description has been automatically generated by Lavasoft Malware Analysis System and it may contain incomplete or inaccurate information.
Summary
Dynamic Analysis
Static Analysis
Network Activity
Map
Strings from Dumps
Removals
MD5: 46d58dc5c249f81ff6cf73de50367d46
SHA1: 30a65a3cd672b113ef502a0d635cd4efee8c67f9
SHA256: df4343c8832a15982996576dfe199074462f0200ab77dee881a3efdf57211d8f
SSDeep: 24576:rvmrpKuQ7H44bQECCY61nG/lxKxgse2uxFgoIur9vdZR3R945kmRLGzebMd 8J4F:awuqY487yUtxKxg1moFr9vdfR9odbT
Size: 2260992 bytes
File type: EXE
Platform: WIN32
Entropy: Packed
PEID: UPolyXv05_v6
Company: no certificate found
Created at: 2015-11-12 23:23:02
Analyzed on: WindowsXP SP3 32-bit
Summary:
Worm. A program that is primarily replicating on networks or removable drives.