SHA256: 56122dea380404260073947d3b5eb214c8843d2455c9b8afc96ad594e9b54615
File name: Waow.exe
Detection ratio: 0 / 57
Analysis date: 2015-01-30 22:07:30 UTC (3 years, 7 months ago)
Antivirus Result Update
Ad-Aware 20150130
AegisLab 20150130
Yandex 20150130
AhnLab-V3 20150130
Alibaba 20150130
ALYac 20150130
Antiy-AVL 20150130
Avast 20150206
AVG 20150130
Avira (no cloud) 20150130
AVware 20150130
Baidu-International 20150130
BitDefender 20150130
Bkav 20150130
ByteHero 20150130
CAT-QuickHeal 20150130
ClamAV 20150130
CMC 20150129
Comodo 20150130
Cyren 20150130
DrWeb 20150206
Emsisoft 20150130
ESET-NOD32 20150130
F-Prot 20150130
F-Secure 20150206
Fortinet 20150130
GData 20150130
Ikarus 20150130
Jiangmin 20150129
K7AntiVirus 20150206
K7GW 20150206
Kaspersky 20150130
Kingsoft 20150130
Malwarebytes 20150130
McAfee 20150130
McAfee-GW-Edition 20150130
Microsoft 20150130
eScan 20150130
NANO-Antivirus 20150130
Norman 20150130
nProtect 20150130
Panda 20150130
Qihoo-360 20150130
Rising 20150129
Sophos AV 20150130
SUPERAntiSpyware 20150130
Symantec 20150206
Tencent 20150130
TheHacker 20150130
TotalDefense 20150130
TrendMicro 20150130
TrendMicro-HouseCall 20150130
VBA32 20150129
VIPRE 20150130
ViRobot 20150130
Zillya 20150206
Zoner 20150130
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
F-PROT appended, ZIP
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-12-01 08:08:28
Entry Point 0x000108AF
Number of sections 4
PE sections
Overlays
MD5 6ae4db4bddc705da24a54cf30273fa18
File type application/zip
Offset 506880
Size 33410335
Entropy 8.00
PE imports
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
InitCommonControlsEx
GetDeviceCaps
DeleteDC
SelectObject
StretchBlt
GetObjectW
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
GetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
WaitForSingleObject
GetFileAttributesW
GetExitCodeProcess
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
OpenFileMappingW
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetCPInfo
GetStringTypeA
GetTempPathW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetOEMCP
FindClose
InterlockedDecrement
MoveFileW
SetFileAttributesW
SetLastError
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
GetModuleFileNameA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetFullPathNameW
SetEnvironmentVariableW
MoveFileExW
SetUnhandledExceptionFilter
TerminateProcess
WriteConsoleA
SetCurrentDirectoryW
GlobalAlloc
LocalFileTimeToFileTime
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
GetNumberFormatW
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetDateFormatW
CreateDirectoryW
DeleteFileW
GetProcAddress
CreateFileMappingW
CompareStringW
WriteFile
ExpandEnvironmentStringsW
FindNextFileW
FindFirstFileW
CreateFileW
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
DosDateTimeToFileTime
LCMapStringW
UnmapViewOfFile
GetConsoleCP
LCMapStringA
GetTimeFormatW
GetEnvironmentStringsW
IsDBCSLeadByte
FileTimeToLocalFileTime
GetEnvironmentStrings
GetCurrentDirectoryW
GetCurrentProcessId
SetFileTime
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
IsValidCodePage
HeapCreate
FindResourceW
VirtualFree
Sleep
VirtualAlloc
VariantInit
SHBrowseForFolderW
SHChangeNotify
SHFileOperationW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetFileInfoW
SHGetMalloc
SHAutoComplete
MapWindowPoints
SetFocus
GetParent
UpdateWindow
EndDialog
LoadBitmapW
SetWindowTextW
DefWindowProcW
IsWindow
GetWindowTextW
GetMessageW
ShowWindow
SetWindowPos
wvsprintfW
GetSystemMetrics
SetWindowLongW
MessageBoxW
SendMessageW
GetWindowRect
RegisterClassExW
CharUpperW
DialogBoxParamW
SendDlgItemMessageW
GetDlgItemTextW
PostMessageW
GetSysColor
SetDlgItemTextW
GetDC
GetWindowLongW
ReleaseDC
DestroyIcon
TranslateMessage
IsWindowVisible
LoadStringW
GetClientRect
GetDlgItem
GetWindow
OemToCharBuffA
DispatchMessageW
GetClassNameW
PeekMessageW
OemToCharA
CopyRect
WaitForInputIdle
LoadCursorW
LoadIconW
FindWindowExW
CreateWindowExW
EnableWindow
SetForegroundWindow
DestroyWindow
CharToOemA
CreateStreamOnHGlobal
CoCreateInstance
CLSIDFromString
OleInitialize
OleUninitialize
Number of PE resources by type
RT_STRING 9
RT_DIALOG 6
RT_ICON 6
RT_MANIFEST 1
RT_BITMAP 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 17
NEUTRAL DEFAULT 7
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2013:12:01 09:08:28+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
100352

LinkerVersion
9.0

EntryPoint
0x108af

InitializedDataSize
405504

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

Compressed bundles
File identification
MD5 0f8b6df242df2b5c68d1a03994a37033
SHA1 81a38274a9eb8e45b2c19eccfa974d172ca0f1f5
SHA256 56122dea380404260073947d3b5eb214c8843d2455c9b8afc96ad594e9b54615
ssdeep
786432:NYqgLe5ErsrqRowkWPUr+rw+jVfwldkDcUAXaKZKLr/1I+fwwh8:qOszRowk+tfwjkDcDXLZK/KcwwW

authentihash dd6525d59ba9fd2c175844d0724c2c8b2e16471cbfd292e1f43603d74bc610a6
imphash cb23e26cc45ed9aa58fdce155e7da31a
File size 32.3 MB ( 33917215 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe overlay

VirusTotal metadata
First submission 2015-01-30 22:07:30 UTC (3 years, 7 months ago)
Last submission 2015-02-03 16:05:40 UTC (3 years, 7 months ago)
File names Waow.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight