Trojan.Flystud.KA

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 10,494
Threat Level: 80 % (High)
Infected Computers: 1,105
First Seen: October 10, 2022
Last Seen: May 30, 2026
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.Flystud.KA
Signature status: No Signature

Known Samples

MD5: 87e329987e3f162f21743d77056c8241
SHA1: f9c83c410f54ad8463eb00c64f1a9997484b5af0
SHA256: A5404EFD51AEB9966CC3F7284DC3D5E36DFBE4A8AE19FE3FE9B7042C08977F7B
File Size: 2.34 MB, 2342912 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have security information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Comments: 汴京吧
Company Name: 浮华若梦
File Description: 天龙群侠工具箱
File Version: 2.1.0.0
Legal Copyright: 浮华若梦 版权所有
Product Name: 游侠—天龙群侠工具箱
Product Version: 2.1.0.0

File Traits

  • x86

Block Information

Total Blocks: 3,303
Potentially Malicious Blocks: 1,084
Whitelisted Blocks: 1,736
Unknown Blocks: 483

Visual Map

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Windows API Usage

Category: Network Winsock2
API:
  • WSAStartup
