SHA256: 9a424d64a6456ce80931fdf30cb734955f69a3c2a32e0c418d3d1553022499de
File name: Klicki v0.14 ALPHA.exe
Detection ratio: 0 / 56
Analysis date: 2015-05-02 13:52:11 UTC (3 years, 10 months ago)
Antivirus Result Update
Ad-Aware 20150502
AegisLab 20150502
Yandex 20150502
AhnLab-V3 20150502
Alibaba 20150502
ALYac 20150502
Antiy-AVL 20150502
Avast 20150502
AVG 20150502
Avira (no cloud) 20150501
AVware 20150502
Baidu-International 20150502
BitDefender 20150502
Bkav 20150425
ByteHero 20150502
CAT-QuickHeal 20150502
ClamAV 20150502
CMC 20150501
Comodo 20150502
Cyren 20150502
DrWeb 20150502
Emsisoft 20150502
ESET-NOD32 20150502
F-Prot 20150502
F-Secure 20150502
Fortinet 20150502
GData 20150502
Ikarus 20150502
Jiangmin 20150430
K7AntiVirus 20150502
K7GW 20150502
Kaspersky 20150502
Kingsoft 20150502
McAfee 20150502
McAfee-GW-Edition 20150501
Microsoft 20150502
eScan 20150502
NANO-Antivirus 20150502
Norman 20150502
nProtect 20150430
Panda 20150502
Qihoo-360 20150502
Rising 20150502
Sophos AV 20150502
SUPERAntiSpyware 20150502
Symantec 20150502
Tencent 20150502
TheHacker 20150501
TotalDefense 20150430
TrendMicro 20150502
TrendMicro-HouseCall 20150502
VBA32 20150501
VIPRE 20150502
ViRobot 20150502
Zillya 20150501
Zoner 20150430
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2001-11-19 06:57:28
Entry Point 0x00001423
Number of sections 5
PE sections
PE imports
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
DirectDrawEnumerateExA
DirectDrawCreateEx
DirectInputCreateEx
AddFontResourceA
SetMapMode
DeleteDC
RemoveFontResourceA
SelectObject
CreateFontA
GetStockObject
GetTextMetricsA
SetBkColor
SetTextCharacterExtra
CreateCompatibleDC
DeleteObject
SetTextColor
GetStdHandle
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
HeapDestroy
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetTempPathA
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetFullPathNameA
SetEvent
GetEnvironmentVariableA
LoadResource
FindClose
TlsGetValue
SetLastError
GetSystemTime
InitializeCriticalSection
CopyFileA
HeapAlloc
FlushFileBuffers
GetModuleFileNameA
QueryPerformanceFrequency
EnumSystemLocalesA
SetThreadPriority
InterlockedDecrement
MultiByteToWideChar
SetFilePointer
CreateThread
SetEnvironmentVariableW
SetUnhandledExceptionFilter
GetSystemDirectoryA
SetEnvironmentVariableA
TerminateProcess
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
SetCurrentDirectoryA
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
FreeLibrary
QueryPerformanceCounter
IsBadWritePtr
TlsAlloc
VirtualProtect
GetVersionExA
LoadLibraryA
RtlUnwind
GetStartupInfoA
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetProcAddress
CompareStringW
VirtualLock
FindFirstFileA
CompareStringA
FindNextFileA
IsValidLocale
GetUserDefaultLCID
GetTimeZoneInformation
CreateEventA
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetLastError
LCMapStringW
LCMapStringA
GetEnvironmentStringsW
RemoveDirectoryA
FileTimeToLocalFileTime
GetEnvironmentStrings
LockResource
GetCurrentDirectoryA
HeapSize
GetCommandLineA
RaiseException
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
GetACP
GetVersion
WideCharToMultiByte
IsValidCodePage
HeapCreate
VirtualFree
Sleep
IsBadReadPtr
IsBadCodePtr
FindResourceA
VirtualAlloc
GetOEMCP
acmStreamClose
acmStreamOpen
acmStreamUnprepareHeader
acmFormatSuggest
acmStreamPrepareHeader
acmStreamConvert
acmStreamSize
ShellExecuteA
GetMessageA
MapVirtualKeyA
RegisterClassA
UpdateWindow
PostMessageA
EndDialog
BeginPaint
MoveWindow
KillTimer
DefWindowProcA
ShowWindow
SetWindowPos
SendDlgItemMessageA
GetSystemMetrics
GetWindowRect
DispatchMessageA
EnableWindow
SetCapture
ReleaseCapture
ScreenToClient
MessageBoxA
PeekMessageA
SetWindowLongA
DialogBoxParamA
GetCursorPos
DrawTextA
SystemParametersInfoA
SetWindowTextA
CloseWindow
UnregisterClassA
GetForegroundWindow
SetForegroundWindow
GetClientRect
SetTimer
SetCursorPos
ClientToScreen
InvalidateRect
GetWindowLongA
CreateWindowExA
LoadCursorA
ShowCursor
GetDesktopWindow
ToAscii
EndPaint
GetWindowTextA
GetDlgItem
SetCursor
DestroyWindow
timeKillEvent
mixerGetLineInfoA
mixerGetNumDevs
mixerOpen
mixerSetControlDetails
mixerGetLineControlsA
mciGetErrorStringA
timeGetTime
mixerClose
timeEndPeriod
timeSetEvent
mixerGetControlDetailsA
timeGetDevCaps
mciSendCommandA
timeBeginPeriod
htonl
accept
ioctlsocket
WSAStartup
connect
getsockname
htons
select
recv
ntohl
send
ntohs
listen
WSACleanup
gethostbyname
inet_ntoa
closesocket
setsockopt
socket
bind
recvfrom
sendto
CoCreateInstance
CoUninitialize
CoInitialize
PE exports
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_DIALOG 1
RT_RCDATA 1
Number of PE resources by language
ENGLISH US 4
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2001:11:19 06:57:28+00:00

FileType
Win32 EXE

PEType
PE32

CodeSize
487424

LinkerVersion
6.0

EntryPoint
0x1423

InitializedDataSize
278528

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 67766d4ac319ec08cc747537b4d4143a
SHA1 c5bea762c260e81acd53f99938b2c7c1a3b30039
SHA256 9a424d64a6456ce80931fdf30cb734955f69a3c2a32e0c418d3d1553022499de
ssdeep
12288:cgzV+/7nFLYSVIObZY+nZdv4XQzp3Ljl9KM:ca07mSlZrdve6p/l9K

authentihash 799f71d219f53ec0a58915399589444239f8511cc1b45c2618aa58c0b980a65c
imphash 6d956360d607236b19b7cdab974e0c11
File size 624.0 KB ( 638976 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe

VirusTotal metadata
First submission 2015-05-02 13:52:11 UTC (3 years, 10 months ago)
Last submission 2015-05-02 13:52:11 UTC (3 years, 10 months ago)
File names Klicki v0.14 ALPHA.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created mutexes
Opened service managers
Opened services
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
UDP communications