× Cookies sind ausgeschaltet! Diese Seite erfordert aktivierte Cookies, um vollständig zu funktionieren.
SHA256: 1b1ed3dc65b6f497f37eed69779e01e135e48196e9febd665b60c749033d5e1b
Dateiname: kami bot.EXE
Erkennungsrate: 8 / 55
Analyse-Datum: 2014-09-01 10:53:25 UTC ( vor 4 Jahre )
Antivirus Ergebnis Aktualisierung
Yandex HackTool.CheatEngine!h2lP7QG9eRI 20140831
Antiy-AVL Trojan/Win32.Tgenic 20140901
AVware Trojan.Win32.Generic.pak!cobra 20140901
ESET-NOD32 a variant of Win32/HackTool.CheatEngine.AF 20140901
Jiangmin TrojanDropper.Injector.bhlg 20140829
Malwarebytes Hacktool.CheatEngine 20140901
NANO-Antivirus Trojan.Win32.CheatEngine.ddqnic 20140901
VIPRE Trojan.Win32.Generic.pak!cobra 20140901
Ad-Aware 20140901
AegisLab 20140901
AhnLab-V3 20140831
AntiVir 20140901
Avast 20140901
AVG 20140901
Baidu-International 20140901
BitDefender 20140901
Bkav 20140829
ByteHero 20140901
CAT-QuickHeal 20140901
ClamAV 20140831
CMC 20140828
Comodo 20140901
Cyren 20140901
DrWeb 20140901
Emsisoft 20140901
F-Prot 20140901
F-Secure 20140901
Fortinet 20140901
GData 20140901
Ikarus 20140901
K7AntiVirus 20140830
K7GW 20140830
Kaspersky 20140901
Kingsoft 20140901
McAfee 20140901
McAfee-GW-Edition 20140901
Microsoft 20140901
eScan 20140901
Norman 20140901
nProtect 20140901
Panda 20140901
Qihoo-360 20140901
Rising 20140901
Sophos AV 20140901
SUPERAntiSpyware 20140901
Symantec 20140901
Tencent 20140901
TheHacker 20140829
TotalDefense 20140901
TrendMicro 20140901
TrendMicro-HouseCall 20140901
VBA32 20140901
ViRobot 20140901
Zillya 20140831
Zoner 20140829
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-06-28 14:45:44
Entry Point 0x000015EB
Number of sections 5
PE sections
Number of PE resources by type
RT_RCDATA 2
RT_ICON 1
RT_MANIFEST 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 3
NEUTRAL 2
PE resources
File identification
MD5 ba34f7865ca33f2d666481c55673f622
SHA1 5518cedd3f99bc23f0d11d1e7b27f221622412df
SHA256 1b1ed3dc65b6f497f37eed69779e01e135e48196e9febd665b60c749033d5e1b
ssdeep
98304:sEMtRkuw57VNckop+YMOY7ThCRfYP9f/0A27nmBf:/Pep2OY7T4yX0A27Of

imphash 8d92fa1956a6a631c642190121740197
File size 3.8 MB ( 4015104 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe

VirusTotal metadata
First submission 2014-09-01 10:53:25 UTC ( vor 4 Jahre )
Last submission 2014-09-01 10:53:25 UTC ( vor 4 Jahre )
Dateinamen kami bot.EXE
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
Keine Kommentare. Bisher hat kein Mitglied der VirusTotal-Community einen Kommentar zu diesem Punkt verfasst, seien Sie der Erste!

Hinterlassen Sie Ihren Kommentar...

?
Kommentar abschicken

Sie sind nicht angemeldet. Nur registrierte Nutzer können Kommentare hinterlassen, melden Sie sich an und sagen Sie etwas dazu!

Keine Bewertungen. Niemand hat diesen Punkt bisher bewertet, seien Sie der Erste!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Written files
Deleted files
Created processes
Runtime DLLs
UDP communications