SHA256: 6582717ec82ea7d5bbea929b36b6f06e80059a6235688a2edcf866c0ff96687d
File name: a139342fac65945b041eec25db35b299
Detection ratio: 51 / 70
Analysis date: 2019-02-13 13:56:08 UTC ( 3 months, 1 week ago )
Antivirus Result Update
Acronis suspicious 20190213
Ad-Aware Trojan.GenericKD.40886909 20190213
AegisLab Trojan.Win32.Generic.lx0C 20190213
AhnLab-V3 Trojan/Win32.Tescrypt.R230733 20190213
ALYac Trojan.GenericKD.40886909 20190213
Antiy-AVL Trojan/Win32.AGeneric 20190213
Arcabit Trojan.Generic.D26FE27D 20190213
Avast Win32:Malware-gen 20190213
AVG Win32:Malware-gen 20190213
Avira (no cloud) TR/Downloader.Gen 20190213
BitDefender Trojan.GenericKD.40886909 20190213
CAT-QuickHeal Trojan.Mauvaise.SL1 20190213
ClamAV Win.Malware.Flystudio-6738927-0 20190213
Comodo TrojWare.Win32.Agent.OSCF@5rs7jr 20190213
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181023
Cybereason malicious.fac659 20190109
Cylance Unsafe 20190213
Cyren W32/Agent.EW.gen!Eldorado 20190213
DrWeb Trojan.DiskFill.41072 20190213
eGambit Unsafe.AI_Score_77% 20190213
Emsisoft Trojan.GenericKD.40886909 (B) 20190213
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/FlyStudio.HackTool.A potentially unwanted 20190213
F-Prot W32/Agent.EW.gen!Eldorado 20190213
F-Secure Trojan.TR/Downloader.Gen 20190213
Fortinet W32/Agent.AZAJ!tr 20190213
GData Win32.Trojan.FlyStudio.F 20190213
Ikarus Trojan.Win32.TeslaCrypt 20190213
Sophos ML heuristic 20181128
K7AntiVirus Trojan ( 005246d51 ) 20190213
K7GW Trojan ( 005246d51 ) 20190213
Kaspersky HEUR:Trojan.Win32.Generic 20190213
Malwarebytes RiskWare.FlyStudio 20190213
MAX malware (ai score=84) 20190213
McAfee Dropper-FVZ!A139342FAC65 20190213
McAfee-GW-Edition BehavesLike.Win32.Trojan.fh 20190213
Microsoft Trojan:Win32/Tescrypt!rfn 20190213
eScan Trojan.GenericKD.40886909 20190213
NANO-Antivirus Trojan.Win32.FlyStudio.fcuxgn 20190213
Panda Trj/Genetic.gen 20190213
Qihoo-360 HEUR/QVM07.1.338B.Malware.Gen 20190213
Rising PUF.Hacktool!1.B2A6 (CLASSIC) 20190213
SentinelOne (Static ML) static engine - malicious 20190203
Sophos AV Troj/Agent-BAIS 20190213
Symantec SMG.Heur!gen 20190213
Trapmine malicious.moderate.ml.score 20190123
VBA32 BScope.Trojan.Tiggre 20190213
Webroot W32.Trojan.GenKD 20190213
Yandex Trojan.Agent!uBcOXP48wV8 20190213
Zillya Trojan.Generic.Win32.39956 20190212
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20190213
Alibaba 20180921
Avast-Mobile 20190213
Babable 20180918
Baidu 20190202
Bkav 20190213
CMC 20190213
Jiangmin 20190213
Kingsoft 20190213
Palo Alto Networks (Known Signatures) 20190213
SUPERAntiSpyware 20190206
Symantec Mobile Insight 20190207
TACHYON 20190213
Tencent 20190213
TheHacker 20190212
TotalDefense 20190213
TrendMicro 20190213
TrendMicro-HouseCall 20190213
Trustlook 20190213
ViRobot 20190213
Zoner 20190213
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-04-10 17:28:39
Entry Point 0x0009ADD5
Number of sections 4
PE sections
Overlays
MD5 80c821b3929e06c78bf32b1a6a1873ce
File type ASCII text
Offset 1040384
Size 7830
Entropy 5.01
PE imports
RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegCloseKey
RegCreateKeyExA
ImageList_Read
ImageList_GetImageCount
ImageList_Duplicate
ImageList_Destroy
ImageList_SetBkColor
Ord(17)
CreatePolygonRgn
SetROP2
PathToRegion
GetWindowOrgEx
PatBlt
SetViewportExtEx
CreatePen
GetBkMode
SaveDC
TextOutA
CreateFontIndirectA
GetTextMetricsA
CreateRectRgnIndirect
EndPath
CombineRgn
GetClipBox
GetROP2
GetWindowExtEx
GetClipRgn
GetViewportOrgEx
SelectObject
Rectangle
SetMapMode
GetObjectA
ExcludeClipRect
CreateCompatibleDC
DeleteDC
RestoreDC
SetBkMode
GetSystemPaletteEntries
OffsetViewportOrgEx
GetTextExtentPoint32A
EndDoc
SetWindowOrgEx
StartPage
DeleteObject
BitBlt
GetStretchBltMode
RealizePalette
SetTextColor
GetDeviceCaps
GetCurrentObject
FillRgn
CreateEllipticRgn
CreateDCA
CreateBitmap
RectVisible
CreatePalette
GetStockObject
CreateDIBitmap
GetPolyFillMode
ScaleWindowExtEx
SetBkColor
ExtTextOutA
PtVisible
GetDIBits
ExtSelectClipRgn
CreateRoundRectRgn
SelectClipRgn
RoundRect
StretchBlt
SetStretchBltMode
SelectPalette
ScaleViewportExtEx
EndPage
CreateRectRgn
LineTo
StartDocA
SetPolyFillMode
CreateCompatibleBitmap
SetWindowExtEx
GetTextColor
CreateSolidBrush
DPtoLP
SetViewportOrgEx
Escape
GetViewportExtEx
BeginPath
GetBkColor
Ellipse
MoveToEx
LPtoDP
GetStdHandle
FileTimeToSystemTime
GetFileAttributesA
SetEvent
HeapDestroy
IsBadCodePtr
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
LocalAlloc
lstrcatA
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetFileTime
GetTempPathA
GetCPInfo
GetProcAddress
GetStringTypeA
InterlockedExchange
WriteFile
WaitForSingleObject
HeapReAlloc
GetStringTypeW
GetFullPathNameA
FreeLibrary
LocalFree
ResumeThread
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
InterlockedDecrement
SetLastError
GetSystemTime
GetEnvironmentVariableA
GlobalFindAtomA
HeapAlloc
GetVersionExA
GetModuleFileNameA
GetVolumeInformationA
GetPrivateProfileStringA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetModuleHandleA
CreateSemaphoreA
CreateThread
GlobalAddAtomA
SetUnhandledExceptionFilter
MulDiv
GetSystemDirectoryA
SetEnvironmentVariableA
TerminateProcess
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
SetCurrentDirectoryA
HeapFree
EnterCriticalSection
SetHandleCount
lstrcmpiA
GetOEMCP
GetTickCount
IsBadWritePtr
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GlobalSize
GetStartupInfoA
UnlockFile
GetFileSize
LCMapStringW
DeleteFileA
GetWindowsDirectoryA
WaitForMultipleObjects
GetProcessHeap
CompareStringW
GlobalReAlloc
lstrcmpA
FindFirstFileA
lstrcpyA
GetProfileStringA
CompareStringA
FindNextFileA
DuplicateHandle
GetUserDefaultLCID
GetTimeZoneInformation
CreateEventA
CopyFileA
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
LocalReAlloc
GlobalDeleteAtom
lstrlenA
GlobalFree
LCMapStringA
GlobalGetAtomNameA
GetEnvironmentStringsW
GlobalUnlock
LockFile
lstrlenW
WinExec
FileTimeToLocalFileTime
GetEnvironmentStrings
WritePrivateProfileStringA
LockResource
WideCharToMultiByte
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
ReleaseSemaphore
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
lstrcpynA
GetACP
GlobalLock
GetVersion
HeapCreate
VirtualFree
Sleep
IsBadReadPtr
GetProcessVersion
FindResourceA
VirtualAlloc
VariantChangeType
UnRegisterTypeLib
RegisterTypeLib
VariantCopyInd
VariantClear
SysAllocString
LoadTypeLib
LHashValOfNameSys
VariantInit
ShellExecuteA
SHGetSpecialFolderPathA
Shell_NotifyIconA
RedrawWindow
GetMessagePos
SetWindowRgn
SetMenuItemBitmaps
DestroyWindow
MoveWindow
DestroyMenu
PostQuitMessage
GetForegroundWindow
LoadBitmapA
SetWindowPos
GetNextDlgTabItem
IsWindow
DispatchMessageA
ClientToScreen
ScrollWindowEx
GrayStringA
WindowFromPoint
GetMessageTime
CallNextHookEx
SetActiveWindow
GetDC
GetCursorPos
ReleaseDC
GetDlgCtrlID
GetClassInfoA
GetMenu
UnregisterClassA
SendMessageA
GetClientRect
SetScrollPos
LoadIconA
GetWindowTextLengthA
CopyAcceleratorTableA
GetTopWindow
LoadImageA
GetActiveWindow
GetWindowTextA
PtInRect
DrawEdge
GetParent
UpdateWindow
SetPropA
EqualRect
GetMenuState
ShowWindow
DrawFrameControl
CreateIconFromResourceEx
EnableWindow
MapWindowPoints
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
CharUpperA
LoadStringA
SetParent
SetClipboardData
IsZoomed
GetWindowPlacement
IsIconic
RegisterClassA
TabbedTextOutA
GetWindowLongA
SetTimer
FillRect
CopyRect
GetSysColorBrush
EndPaint
CreateAcceleratorTableA
IsChild
IsDialogMessageA
SetFocus
CreateWindowExA
GetMessageA
SetCapture
BeginPaint
OffsetRect
GetScrollPos
KillTimer
RegisterWindowMessageA
DefWindowProcA
DrawFocusRect
GetClipboardData
SendDlgItemMessageA
GetSystemMetrics
EnableMenuItem
SetScrollRange
GetWindowRect
InflateRect
PostMessageA
ReleaseCapture
IntersectRect
SetWindowLongA
RemovePropA
CreatePopupMenu
CheckMenuItem
GetSubMenu
GetLastActivePopup
DrawIconEx
CreateMenu
GetDlgItem
GetMenuCheckMarkDimensions
ScreenToClient
GetClassLongA
CreateDialogIndirectParamA
LoadCursorA
EnumDisplaySettingsA
SetWindowsHookExA
GetMenuItemCount
DestroyAcceleratorTable
ValidateRect
CreateIconFromResource
GetSystemMenu
GetMenuItemID
SetForegroundWindow
OpenClipboard
EmptyClipboard
ChildWindowFromPointEx
GetScrollRange
EndDialog
GetCapture
SetWindowTextA
AppendMenuA
GetPropA
SetMenu
RegisterClipboardFormatA
SetRectEmpty
CallWindowProcA
MessageBoxA
GetWindowDC
DestroyCursor
AdjustWindowRectEx
GetSysColor
GetKeyState
SystemParametersInfoA
DestroyIcon
IsWindowVisible
GetDesktopWindow
SetCursorPos
WinHelpA
SetRect
DeleteMenu
InvalidateRect
wsprintfA
DrawTextA
TranslateAcceleratorA
IsRectEmpty
GetClassNameA
GetFocus
CloseClipboard
ModifyMenuA
UnhookWindowsHookEx
SetCursor
waveOutReset
midiStreamProperty
waveOutOpen
waveOutClose
midiOutPrepareHeader
waveOutUnprepareHeader
waveOutPause
waveOutGetNumDevs
waveOutPrepareHeader
midiStreamOpen
midiStreamOut
midiStreamStop
waveOutWrite
midiStreamRestart
midiOutUnprepareHeader
midiOutReset
midiStreamClose
OpenPrinterA
DocumentPropertiesA
ClosePrinter
recv
accept
WSAAsyncSelect
recvfrom
ioctlsocket
getpeername
WSACleanup
closesocket
inet_ntoa
GetFileTitleA
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA
OleUninitialize
CLSIDFromProgID
OleInitialize
CoCreateInstance
OleRun
CLSIDFromString
Number of PE resources by type
RT_BITMAP 15
RT_STRING 11
RT_DIALOG 10
RT_CURSOR 4
RT_GROUP_CURSOR 3
RT_ICON 3
TEXTINCLUDE 3
RT_GROUP_ICON 3
RT_MENU 2
RT_MANIFEST 1
Number of PE resources by language
CHINESE SIMPLIFIED 52
NEUTRAL 3
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
SubsystemVersion 4.0
MachineType Intel 386 or later, and compatibles
TimeStamp 2018:04:10 19:28:39+02:00
FileType Win32 EXE
PEType PE32
CodeSize 761856
LinkerVersion 6.0
FileTypeExtension exe
InitializedDataSize 479232
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
EntryPoint 0x9add5
OSVersion 4.0
ImageVersion 0.0
UninitializedDataSize 0

File identification
MD5 a139342fac65945b041eec25db35b299
SHA1 ecb93014a05579b075579bc49b93cef6aa0d3343
SHA256 6582717ec82ea7d5bbea929b36b6f06e80059a6235688a2edcf866c0ff96687d
ssdeep 24576:1qylFH50Dv6RwyeQvt6ot0h9HyrOgiruAbY:IylFHUv6ReIt0jSrOC
authentihash 3625756702805a1346e32ffe7885842d3c9857a1a769cfac9d3b8b7f7bef7ba1
imphash 28178deeb23ca335978bbb93418aba95
File size 1023.6 KB ( 1048214 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (29.5%)
Win64 Executable (generic) (26.1%)
Microsoft Visual C++ compiled executable (generic) (15.6%)
Windows screen saver (12.4%)
Win32 Dynamic Link Library (generic) (6.2%)
Tags
peexe overlay

VirusTotal metadata
First submission 2019-02-13 13:56:08 UTC ( 3 months, 1 week ago )
Last submission 2019-02-13 13:56:08 UTC ( 3 months, 1 week ago )
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Opened mutexes
Runtime DLLs