SHA256: 1d808f88d4b8044a9291b71aaa2c4dec0a3e0fdd747d4cf08bc49ee9ae076d4c
File name: 1D808F88D4B8044A9291B71AAA2C4DEC0A3E0FDD747D4CF08BC49EE9AE076D4C.dat
Detection ratio: 17 / 46
Analysis date: 2013-11-19 13:40:27 UTC ( 5 months ago )
Antivirus Result Update
AntiVir TR/Crypt.ZPACK.10484 20131119
Avast Win32:Expiro-CW [Cryp] 20131119
ESET-NOD32 Win32/Expiro.NBP 20131119
Fortinet W32/Expiro.NBP 20131119
GData Win32.Trojan.Agent.XCT2VI 20131119
Ikarus Trojan.Win32.Meredrop 20131119
Kaspersky UDS:DangerousObject.Multi.Generic 20131119
McAfee Artemis!907B93B37C4F 20131119
McAfee-GW-Edition Artemis!907B93B37C4F 20131118
Microsoft Trojan:Win32/Meredrop 20131119
Panda Trj/dtcontx.I 20131119
SUPERAntiSpyware Trojan.Agent/Gen-Festo 20131119
Sophos Mal/Generic-S 20131119
Symantec Suspicious.Cloud 20131119
TrendMicro TROJ_GEN.R0CBC0DKF13 20131119
TrendMicro-HouseCall TROJ_GEN.R0CBC0DKF13 20131119
VIPRE Trojan.Win32.Meredrop 20131119
AVG 20131119
Agnitum 20131119
AhnLab-V3 20131119
Antiy-AVL 20131119
Baidu-International 20131119
BitDefender 20131119
Bkav 20131119
ByteHero 20131118
CAT-QuickHeal 20131119
ClamAV 20131119
Commtouch 20131119
Comodo 20131119
DrWeb 20131119
Emsisoft 20131119
F-Prot 20131119
F-Secure 20131119
Jiangmin 20131119
K7AntiVirus 20131118
K7GW 20131118
Kingsoft 20130829
Malwarebytes 20131119
MicroWorld-eScan 20131119
NANO-Antivirus 20131119
Norman 20131119
Rising 20131118
TheHacker 20131118
TotalDefense 20131118
VBA32 20131119
ViRobot 20131119
nProtect 20131119
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-11-04 05:45:00
Entry Point 0x00003CC6
Number of sections 4
PE sections
PE imports
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
LocalReAlloc
EnterCriticalSection
LCMapStringW
SetHandleCount
GetOEMCP
LCMapStringA
IsDebuggerPresent
GlobalGetAtomNameA
TlsAlloc
GetEnvironmentStringsW
LoadLibraryA
EndUpdateResourceA
RtlUnwind
GetModuleFileNameA
GetStdHandle
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetEnvironmentStrings
GetLocaleInfoA
GetFileSize
UnhandledExceptionFilter
GetModuleHandleW
GetCPInfo
ExitProcess
InterlockedDecrement
MultiByteToWideChar
HeapSize
GetTickCount
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
QueryPerformanceCounter
TlsFree
WriteTapemark
WideCharToMultiByte
GetStringTypeA
GetModuleHandleA
GetCurrentThreadId
SetUnhandledExceptionFilter
WriteFile
TlsSetValue
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
GetStringTypeW
SetWaitableTimer
TerminateProcess
SetCommConfig
GetCurrentProcess
IsValidCodePage
HeapCreate
VirtualFree
TlsGetValue
Sleep
GetFileType
GetFullPathNameW
ReadFileEx
HeapAlloc
GetVersion
LeaveCriticalSection
VirtualAlloc
GetCurrentProcessId
SetLastError
InterlockedIncrement
Ord(298)
Ord(157)
Ord(40)
Ord(129)
Ord(412)
Ord(169)
Ord(127)
Ord(20)
Ord(125)
Ord(16)
Ord(117)
Ord(201)
Ord(139)
Ord(115)
Ord(41)
PathAppendW
StrCmpIW
PathIsUNCA
PathAddExtensionA
Number of PE resources by type
RT_MENU 4
RT_ACCELERATOR 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 6
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2013:11:04 06:45:00+01:00
FileType Win32 EXE
PEType PE32
CodeSize 166400
LinkerVersion 9.0
EntryPoint 0x3cc6
InitializedDataSize 1637376
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0

File identification
MD5 907b93b37c4fefeab4f3c0a1385846a8
SHA1 622a534a7152657ae93a09979078a853e0466991
SHA256 1d808f88d4b8044a9291b71aaa2c4dec0a3e0fdd747d4cf08bc49ee9ae076d4c
ssdeep 12288:2P66AcSIrwlmIaVyXNlRuXqyCZrq+MBhZAa:2OcSIrw8IaMXd8+MBvAa

File size 571.5 KB ( 585216 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe

VirusTotal metadata
First submission 2013-11-19 13:40:27 UTC ( 5 months ago )
Last submission 2013-11-19 13:40:27 UTC ( 5 months ago )
File names 1D808F88D4B8044A9291B71AAA2C4DEC0A3E0FDD747D4CF08BC49EE9AE076D4C.dat