Multi-License Discount Quote

Change Region

English
Threat Database Trojans Trojan.ShellcodeRunner.Gen.DO

Trojan.ShellcodeRunner.Gen.DO

By CagedTech in Trojans

Analysis Report

General information

Family Name: Trojan.ShellcodeRunner.Gen.DO
Signature status: No Signature

Known Samples

MD5: 1196c3b09fa34abdf6b625c6443d773a
SHA1: c6ddccb5f542d8216cb05b82243db4ef990e5169
SHA256: D94463DD8159B64285246F19780996D38BE100D6CB3E172E5732C0094D687FD9
File Size: 1.11 MB, 1112576 bytes
MD5: 15ba7938e8e9b12936b68d5690c10d9e
SHA1: a1b4dedbd6bd11cbdf27e9adc9805832324a3bbe
SHA256: 7B0AD4EB2C2E2AB205F9146E56C3BAD530A94CD678473D7680090ED8C35FF795
File Size: 1.73 MB, 1733632 bytes
MD5: bc962e61b99543e4b034d3f5fb4e0a07
SHA1: 4eff1cd9bba804141d6366e02c0849a6989e9286
SHA256: B9BD66E9F4F142800DA552B19C27FD0EC0EC9930BA1EFE130D1AE028B89EB8AA
File Size: 727.04 KB, 727040 bytes
MD5: 941a1dc8531e8d4f757df305d44d804d
SHA1: a72e3c90166654dca0b7966e15320d428cba2621
SHA256: EA2C9E343CB116DDAE3AA2426BECF6AAB5CE53B4A9C6A0F19BB03102011576BA
File Size: 4.40 MB, 4401664 bytes
MD5: db3ec2865d2e364148743b8778e572ed
SHA1: da87a1d09cde4abdf7fc146ba603d2333ebcd248
SHA256: 9B4198DDA283BD3C8FA1BA14A93A140B10A35ADF5875D805C9926199E4EF2E5A
File Size: 2.65 MB, 2651648 bytes
Show More
MD5: 4d010f7f68a9c8b6e73acb263dab49c0
SHA1: b8d0451e4f70c25d1328637e6cda14ec5f98df41
SHA256: 5B0167AE087B42956AF8CD58A0ADDFDAF5A766B485D0F8242C737D888E1D572E
File Size: 1.11 MB, 1106432 bytes
MD5: 2e51fa566ccaeb63503777979e8475b2
SHA1: 02a262ae77d40d9aebf007fb0ddeeebb68933f13
SHA256: 4D6C582B02D2B9AB47B2B8625F0C96A73D44E332E0E32796A70CCBDD8FE7944F
File Size: 730.11 KB, 730112 bytes
MD5: 04e787235cc25e70f5aedebb068e0367
SHA1: 7773c650b26e51e17bc5f22187e370d7df0dfa3c
SHA256: A749EDA4891F48DEF49D5C9270044CECF6CCF77867D954C801F27C5C4072F502
File Size: 726.53 KB, 726528 bytes
MD5: ea803a0613f2f8b18ab09c8a6cbcadad
SHA1: 8c51056a3850496541c37021b2259ecef5b1648c
SHA256: 556D5F17A11980375C835B2F66AD567AD9449832B0FA34BC5AE512DB440D6DB7
File Size: 1.11 MB, 1112576 bytes
MD5: 9cf857ca44e7d31c087c55031171f76c
SHA1: 15de620c2f75ae9aaaf6da35c656288b0e88ccbe
SHA256: 180FF00391869983BCF12AB8A42D3FC48ABF5A72D52DF55197C8E742B3982740
File Size: 1.11 MB, 1113088 bytes
MD5: 752eec315113d6d848adbbf58dac5efe
SHA1: 8ec82315f80293d4cd738bf91990e0100b624194
SHA256: 40C9CA6B2C83A18D816B445B5167164877F83D1F86EFD4955AFCE7AD366061CB
File Size: 2.31 MB, 2313216 bytes
MD5: 0e1cec3acf23ef12c38abc43a74b5083
SHA1: 2d57a192cfeaa86e9c0fc05b677fdb43ede84273
SHA256: 27D1BF648AE648D9320E6850F7773B32DBFED15FBC78B4A16D4EA23FD2A6D31C
File Size: 990.21 KB, 990208 bytes
MD5: e640d815107d343a8a4a4b76bf8042e1
SHA1: 21517590fd9b3fbd4cb8b68ea2e97063b9b12d29
SHA256: 563D79B337DA51F136F6FDC9C460E6E4197581E071AD80FF53CB98276448595C
File Size: 740.86 KB, 740864 bytes
MD5: cf363dabac66acf235f7a534224d511e
SHA1: f94017ba5bcde0381e4d607b3f83a14c5ec947a2
SHA256: 056CE4383C98FDB67A4B08D91B3258545AAB22E71D9EF3429DB4F22C9B0DF76C
File Size: 1.29 MB, 1291776 bytes
MD5: 0444cb1bd075ad765c319129b1798f68
SHA1: faf07606f560d450102e3699e118fb97cb714977
SHA256: 7D5CBA1EF55A4C46CE5CC6C93E7D691B18CE4D54864D8D0EEF4D2223A7CDCB8B
File Size: 128.85 KB, 128855 bytes
MD5: e9a6e779234adc4f9864e56d2092144b
SHA1: 0787c219232a4aa8da68cf121413f551f863e890
SHA256: A3ED72A306D687D4F4FBC297AA6EA5092D0EC37B885220F288F9B9AE1833A268
File Size: 722.94 KB, 722944 bytes
MD5: ac441c04c95a0d54fa7571c616bdf402
SHA1: 6c1d85074a573105149f6f4c1e333f4b4b1df04a
SHA256: DF5B1E87365A9EE29B7FEAB53B4F40207F6DA7E38D2725F00F4E984916AF8F09
File Size: 2.13 MB, 2127360 bytes
MD5: 26d71536f0958339c2821f3ea85b2ea6
SHA1: f6005448f9fedf82539b3dbe8c448687df4ffe9d
SHA256: 1ECCCF38E619EB85CC748A4FCFD6562FBED9D0F0094C5D37670751AD7BFB381F
File Size: 727.55 KB, 727552 bytes
MD5: c9bfa5fa33d3c7e5bedee7eb73d9c0b1
SHA1: 9336af10284a12c2a9d84f06e83c380dc229982a
SHA256: 46CD58D50001B7DFDB345A2F78E8302BFBA7DF6B60E2398635141412EFBE20DC
File Size: 1.17 MB, 1171968 bytes
MD5: a6ffa3d2134fd9aa98f2bccf8307a947
SHA1: 597ae97895a46e022ab2fb731515e26cbfc8bb28
SHA256: 96B31F44FB8B195452C2D8524804DB24C2A374BC19789C9C653AA5BD20CEB520
File Size: 725.50 KB, 725504 bytes
MD5: ba19a19c2352931bc493b838125fe792
SHA1: 4beaa50bfc63a4e60f623ef936ab901309211a70
SHA256: AE13D5B07847B6839E1BEC435F470A9EBB4983C7634C973B99217817ABDCB8EB
File Size: 995.84 KB, 995840 bytes
MD5: 8428728dcdcdeb87f4859c21050f8e51
SHA1: e78d71fb5ddff50e44a127ccdcb101f0fa636a08
SHA256: 58B49DA3C9325304538EC75BE6CAEBFAD4FABDF986F64C212E108E80CF3DA046
File Size: 1.94 MB, 1935872 bytes
MD5: d472982db91fb724bc8dc22ebf5aa1e5
SHA1: c20903114823229aa63925b4427c1720b4b99da5
SHA256: B8D701D1895EF51624BE1473FA0F0EEFCE77405139F839A0E4CEADB1287FCC08
File Size: 1.11 MB, 1113600 bytes
MD5: 3ff72118ec0557c59e0c70a3d8ed0a54
SHA1: f25793a31c9cd678cd85d119e350d87fbee4d2b8
SHA256: D6D156F135259F55A1237F020C1727E42A869D59D3E276F883D844A3EF158076
File Size: 726.02 KB, 726016 bytes
MD5: 69737363258c4031df98559cef36d58f
SHA1: f5b39298b2982821e1fc845d4d51ed23c1be59e5
SHA256: 42AB8A44562D1BFE8132014294A6DC7317335C7A025DD70CD07B5143E21B255E
File Size: 1.92 MB, 1918976 bytes
MD5: 14ed5341c7cdb1ee68242fc981acde26
SHA1: 73c94ac0c22bf871da86f363e3ff0a251909b65f
SHA256: 2E0D5637D5205FB0488D77263957555CAC4240791380116765B79059AE14B2C9
File Size: 1.27 MB, 1268224 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have security information
  • File has exports table
  • File has TLS information
  • File is 64-bit executable
  • File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
  • File is either console or GUI application
  • File is Native application (NOT .NET application)
  • File is not packed
Show More
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Company Name
  • Advanced Gamma Solutions
  • Advanced Micro Systems
  • Alpha Future Logic Inc
  • Base Core Dynamic Group
  • Cloud Alpha Nano LLC
  • Core Neural Dynamic Group
  • Cyber Beta Soft Group
  • Data Dynamic Max Technologies
  • Dynamic Delta Ltd
  • Macro Micro Inc
Show More
  • Max Pro Omega Ltd
  • Micro Cyber Logic Ltd
  • Micro Macro Systems
  • Net Delta Group
  • Omega Advanced Data Ltd
  • Omega Logic Future Solutions
  • Prime Net Soft Corp
  • Quantum Cyber Omega Inc
  • Smart Pro Base Systems
  • Systems Soft Micro Corp
  • Ultra Beta Quantum LLC
  • Ultra Gamma Web Corp
  • Ultra Omega Core Technologies
  • Universal Ultra Solutions
  • Web Digital Technologies
  • Web Prime Elite Corp
File Description
  • Composer Virtual
  • Engine Quality Interpreter Pro
  • Enhancer Efficient Concurrent
  • Excellence Finder Enhanced Quality
  • Global Blockchain Async
  • Hyper Viewer
  • Improved Detector Professional
  • Innovative IoT
  • Machine Express
  • Max Basic Exceptional Framework
Show More
  • ML Transformer
  • Modern Speed
  • Network Augmented
  • Professional Exceptional SDK
  • Protected Manager
  • Protected Verified
  • Quantum Tree
  • Scanner Standard
  • Secure Speed Parser Enterprise
  • Smart Enhanced
  • Speed Analyzer Superior Renderer
  • Stack Enterprise Validator
  • Trusted Async IoT
  • Universal Dynamic Fast
  • Viewer Navigator Parser Super
  • Web Direct Safe International
File Version
  • 20.2.10.2318
  • 19.9.19.6583
  • 19.3.34.5855
  • 19.2.9.9296
  • 18.9.22.152
  • 18.7.73.1418
  • 17.2.99.7463
  • 16.5.95.5332
  • 15.9.13.9172
  • 14.7.19.7228
Show More
  • 14.7.11.7629
  • 13.0.22.5493
  • 11.4.91.5301
  • 10.6.35.3362
  • 9.2.88.596
  • 9.1.3.156
  • 6.6.33.9663
  • 6.4.79.6857
  • 5.9.25.4586
  • 4.7.63.323
  • 3.0.25.8798
  • 2.9.70.1932
  • 2.9.4.1915
  • 2.8.9.7636
  • 1.9.7.4490
  • 1.6.73.1475
Internal Name
  • advanced_universal_pro
  • ai_compiler_hyper
  • auto_mega_interpreter
  • basic_cloud_easy
  • buffer_innovative_ai
  • certified_total_protocol
  • comprehensive_efficient_plus
  • distributed_excellence_trusted
  • easy_enterprise_tree
  • easy_streamlined_business
Show More
  • enterprise_cache_pro
  • international_cyber_ai
  • interpreter_compiler_distributed
  • library_hyper_hash
  • next_intelligent_machine
  • productive_runtime_global
  • protocol_async_modern
  • pro_augmented_plus
  • pro_cache_global
  • quality_stream_ultimate
  • quantum_blockchain_framework
  • rapid_parallel_data
  • robust_protected_auto
  • simple_intelligent_data
  • stable_enterprise_optimized
  • ultra_basic_global
Legal Copyright
  • Copyright (C) 2020 Max Pro Omega Ltd
  • Copyright (C) 2020 Micro Cyber Logic Ltd
  • Copyright (C) 2020 Omega Advanced Data Ltd
  • Copyright (C) 2020 Quantum Cyber Omega Inc
  • Copyright (C) 2020 Systems Soft Micro Corp
  • Copyright (C) 2020 Ultra Omega Core Technologies
  • Copyright (C) 2020 Web Prime Elite Corp
  • Copyright (C) 2021 Advanced Gamma Solutions
  • Copyright (C) 2021 Base Core Dynamic Group
  • Copyright (C) 2021 Core Neural Dynamic Group
Show More
  • Copyright (C) 2021 Data Dynamic Max Technologies
  • Copyright (C) 2021 Macro Micro Inc
  • Copyright (C) 2021 Smart Pro Base Systems
  • Copyright (C) 2021 Web Digital Technologies
  • Copyright (C) 2022 Alpha Future Logic Inc
  • Copyright (C) 2022 Cloud Alpha Nano LLC
  • Copyright (C) 2022 Micro Macro Systems
  • Copyright (C) 2022 Ultra Gamma Web Corp
  • Copyright (C) 2023 Advanced Micro Systems
  • Copyright (C) 2023 Cyber Beta Soft Group
  • Copyright (C) 2023 Prime Net Soft Corp
  • Copyright (C) 2024 Dynamic Delta Ltd
  • Copyright (C) 2024 Net Delta Group
  • Copyright (C) 2024 Omega Logic Future Solutions
  • Copyright (C) 2024 Ultra Beta Quantum LLC
  • Copyright (C) 2025 Universal Ultra Solutions
Original Filename
  • advanced_universal_pro.dll
  • ai_compiler_hyper.dll
  • auto_mega_interpreter.dll
  • basic_cloud_easy.dll
  • buffer_innovative_ai.dll
  • certified_total_protocol.dll
  • comprehensive_efficient_plus.dat
  • distributed_excellence_trusted.dll
  • easy_enterprise_tree.dll
  • easy_streamlined_business.exe
Show More
  • enterprise_cache_pro.dll
  • international_cyber_ai.dll
  • interpreter_compiler_distributed.dll
  • library_hyper_hash.dll
  • next_intelligent_machine.dll
  • productive_runtime_global.dll
  • protocol_async_modern.exe
  • pro_augmented_plus.dll
  • pro_cache_global.dat
  • quality_stream_ultimate.exe
  • quantum_blockchain_framework.dll
  • rapid_parallel_data.exe
  • robust_protected_auto.dll
  • simple_intelligent_data.exe
  • stable_enterprise_optimized.dll
  • ultra_basic_global.dll
Product Name
  • Advanced Universal Pro Optimizer
  • AI Compiler Hyper SDK Designer
  • Auto Mega Interpreter Instant Viewer
  • Basic Cloud Easy Renderer
  • Buffer Innovative AI Next Monitor
  • Certified Total Protocol Reader
  • Comprehensive Efficient Plus Validator
  • Distributed Excellence Trusted Editor
  • Easy Enterprise Tree Queue Enhancer
  • Easy Streamlined Business Validator
Show More
  • Enterprise Cache Pro Adaptive Formatter
  • International Cyber AI Pipeline Reader
  • Interpreter Compiler Distributed Scanner
  • Library Hyper Hash Robust Transformer
  • Next Intelligent Machine Finder
  • Pro Augmented Plus Queue Compiler
  • Pro Cache Global Searcher
  • Productive Runtime Global Elite Validator
  • Protocol Async Modern Accelerator
  • Quality Stream Ultimate Fast Editor
  • Quantum Blockchain Framework Editor
  • Rapid Parallel Data Compressor
  • Robust Protected Auto Compressor
  • Simple Intelligent Data Tracker
  • Stable Enterprise Optimized Finder
  • Ultra Basic Global Inspector
Product Version
  • 20.2.10.2318
  • 19.9.19.6583
  • 19.3.34.5855
  • 19.2.9.9296
  • 18.9.22.152
  • 18.7.73.1418
  • 17.2.99.7463
  • 16.5.95.5332
  • 15.9.13.9172
  • 14.7.19.7228
Show More
  • 14.7.11.7629
  • 13.0.22.5493
  • 11.4.91.5301
  • 10.6.35.3362
  • 9.2.88.596
  • 9.1.3.156
  • 6.6.33.9663
  • 6.4.79.6857
  • 5.9.25.4586
  • 4.7.63.323
  • 3.0.25.8798
  • 2.9.70.1932
  • 2.9.4.1915
  • 2.8.9.7636
  • 1.9.7.4490
  • 1.6.73.1475

File Traits

  • dll
  • x64

Block Information

Total Blocks: 346
Potentially Malicious Blocks: 121
Whitelisted Blocks: 147
Unknown Blocks: 78

Visual Map

0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? x x ? ? ? 0 ? ? 0 x 0 ? x x 0 x x 0 x x 0 0 x x x 0 x x x x x x x x x x 0 x 0 x 0 x x x 0 0 x 0 x 0 x 0 0 x 0 x x x 0 x 0 x x 0 x 0 x x x x 0 0 x x 0 x x x x x x 0 x x x 0 0 x 0 0 x x x ? ? x ? ? x x x ? x ? ? x x ? ? ? ? ? ? ? ? ? ? ? x ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? x x x ? x ? x ? ? ? ? x ? 0 ? x x ? x 0 ? ? x ? ? 0 x ? x 0 x x 0 ? ? x ? x x x ? x x x x x ? ? ? x x x ? x ? ? ? ? 0 x 0 0 ? ? 0 x 0 0 0 ? ? ? ? 0 ? 0 x x ? 0 0 x x x 0 0 0 0 x 0 x x x x x x 0 x x 0 0 0 x x x 0 x x x x 0 x x 0 x x 0 0 x 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

Windows API Usage

Category API
Syscall Use
  • ntdll.dll!NtAccessCheck
  • ntdll.dll!NtAlertThreadByThreadId
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtApphelpCacheControl
  • ntdll.dll!NtClose
  • ntdll.dll!NtConnectPort
  • ntdll.dll!NtCreateMutant
  • ntdll.dll!NtCreateSection
  • ntdll.dll!NtDuplicateToken
  • ntdll.dll!NtFreeVirtualMemory
Show More
  • ntdll.dll!NtMapViewOfSection
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenKeyEx
  • ntdll.dll!NtOpenProcessToken
  • ntdll.dll!NtOpenProcessTokenEx
  • ntdll.dll!NtOpenSection
  • ntdll.dll!NtOpenSemaphore
  • ntdll.dll!NtOpenThreadTokenEx
  • ntdll.dll!NtProtectVirtualMemory
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryDebugFilterState
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationThread
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQueryKey
  • ntdll.dll!NtQueryPerformanceCounter
  • ntdll.dll!NtQuerySecurityAttributesToken
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtQueryWnfStateData
  • ntdll.dll!NtReleaseMutant
  • ntdll.dll!NtReleaseSemaphore
  • ntdll.dll!NtReleaseWorkerFactoryWorker
  • ntdll.dll!NtRequestWaitReplyPort
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationThread
  • ntdll.dll!NtSetInformationVirtualMemory
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSubscribeWnfStateChange
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtUnmapViewOfSection
  • ntdll.dll!NtUnmapViewOfSectionEx
  • ntdll.dll!NtWaitForAlertByThreadId
  • ntdll.dll!NtWaitForSingleObject
  • ntdll.dll!NtWaitForWorkViaWorkerFactory
  • ntdll.dll!NtWaitLowEventPair
  • ntdll.dll!NtWriteFile
  • UNKNOWN

Trending

Most Viewed

Loading...