SHA256: b3913d567ca228ac32cd35b5d6245393d2b2c1d1c40a60edc55ea7a521f96694
File name: Info.Pdf.exe
Detection ratio: 41 / 54
Analysis date: 2014-11-19 21:01:59 UTC (4 years, 6 months ago)
Antivirus Result Update
Ad-Aware Trojan.GenericKD.1963246 20141119
AhnLab-V3 Malware/Win32.Generic 20141119
Antiy-AVL Trojan/Win32.Inject 20141119
Avast Win32:Malware-gen 20141119
AVG Zbot.UPL 20141119
Avira (no cloud) TR/Ransom.476160.1 20141119
AVware Trojan.Win32.Generic!BT 20141119
Baidu-International Trojan.Win32.Kryptik.bCPPR 20141119
BitDefender Trojan.GenericKD.1963246 20141119
Bkav W32.HfsAutoA.D734 20141119
CAT-QuickHeal Trojan.Inject.r4 20141119
Comodo TrojWare.Win32.Amtar.amu 20141119
Cyren W32/PWS.KOVA-5590 20141119
DrWeb Trojan.Encoder.761 20141119
Emsisoft Trojan-Ransom.Win32.Agent (A) 20141119
ESET-NOD32 a variant of Win32/Kryptik.CQDT 20141119
F-Secure Trojan.GenericKD.1963246 20141119
Fortinet W32/Kryptik.CPPR!tr 20141119
GData Trojan.GenericKD.1963246 20141119
Ikarus Trojan.Win32.Crypt 20141119
K7AntiVirus Trojan ( 004b06ec1 ) 20141119
K7GW Trojan ( 004b06ec1 ) 20141119
Kaspersky Trojan.Win32.Inject.sbdv 20141119
Malwarebytes Trojan.Agent.ED 20141119
McAfee PWSZbot-FAFA!EDF51B7C2507 20141119
McAfee-GW-Edition BehavesLike.Win32.Generic.gh 20141119
Microsoft Ransom:Win32/Teerac.A 20141119
eScan Trojan.GenericKD.1963246 20141119
NANO-Antivirus Trojan.Win32.Crypren.dijcqg 20141119
Norman Troj_Generic.XCFML 20141119
nProtect Trojan.GenericKD.1963246 20141119
Qihoo-360 HEUR/QVM10.1.Malware.Gen 20141119
Rising PE:Trojan.Win32.Generic.179E4464!396248164 20141119
Sophos AV Troj/Agent-AJSY 20141119
Symantec Trojan.Zbot 20141119
Tencent Win32.Trojan.Inject.Apwn 20141119
TotalDefense Win32/Tnega.KDaBVDB 20141119
TrendMicro-HouseCall TROJ_CRYPTLOCK.I 20141119
VBA32 Trojan.Zbot.1714 20141119
VIPRE Trojan.Win32.Generic!BT 20141119
Zillya Trojan.Inject.Win32.118105 20141119
AegisLab 20141119
Yandex 20141119
ByteHero 20141119
ClamAV 20141119
CMC 20141118
F-Prot 20141119
Jiangmin 20141119
Kingsoft 20141119
Panda 20141119
SUPERAntiSpyware 20141119
TheHacker 20141117
ViRobot 20141119
Zoner 20141118
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright (C) 2012 NVIDIA Corporation. All rights reserved.
Product NVIDIA 3D Vision Photo Viewer
Original name nvStView.exe
Internal name nvStView.exe
File version 7.17.13.1061
Description NVIDIA 3D Vision Photo Viewer
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-10-22 17:42:02
Entry Point 0x0000553E
Number of sections 4
PE sections
PE imports
GetUserNameA
GetUserNameW
HeapSize
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
LoadLibraryA
GetModuleFileNameW
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
GetTickCount
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleHandleW
RtlUnwind
lstrlenW
GetACP
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryW
GetConsoleMode
GetLocaleInfoA
GetCurrentProcessId
GetConsoleOutputCP
GetCommandLineW
GetWindowsDirectoryA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetStartupInfoW
SetStdHandle
FreeEnvironmentStringsW
GetProcAddress
GetStringTypeA
GetProcessHeap
ExitProcess
GetModuleHandleA
GetTempPathA
RaiseException
GetCPInfo
TlsFree
SetFilePointer
GetCurrentThreadId
SetUnhandledExceptionFilter
WriteFile
GetStartupInfoA
CloseHandle
GetSystemTimeAsFileTime
GetSystemDirectoryA
HeapReAlloc
GetStringTypeW
OutputDebugStringA
GetFileType
TerminateProcess
GetModuleFileNameA
LCMapStringA
WideCharToMultiByte
IsValidCodePage
OutputDebugStringW
VirtualFree
WriteConsoleA
TlsGetValue
Sleep
SetLastError
TlsSetValue
CreateFileA
HeapAlloc
GetVersion
LeaveCriticalSection
VirtualAlloc
HeapCreate
WriteConsoleW
InterlockedIncrement
GetProcessDefaultLayout
GetMessagePos
LoadBitmapW
GetDesktopWindow
GetMessageExtraInfo
GetCursor
GetWindowLongW
Number of PE resources by type
RT_RCDATA 3
RT_ICON 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 7
PE resources
ExifTool file metadata
UninitializedDataSize 0
InitializedDataSize 401408
ImageVersion 0.0
ProductName NVIDIA 3D Vision Photo Viewer
FileVersionNumber 7.17.13.1061
LanguageCode English (U.S.)
FileFlagsMask 0x0017
FileDescription NVIDIA 3D Vision Photo Viewer
CharacterSet Unicode
LinkerVersion 144.0
FileTypeExtension exe
OriginalFileName nvStView.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 7.17.13.1061
TimeStamp 2014:10:22 18:42:02+01:00
FileType Win32 EXE
PEType PE32
InternalName nvStView.exe
ProductVersion 7.17.13.1061
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
LegalCopyright (C) 2012 NVIDIA Corporation. All rights reserved.
MachineType Intel 386 or later, and compatibles
CompanyName NVIDIA Corporation
CodeSize 73872
FileSubtype 0
ProductVersionNumber 7.17.13.1061
EntryPoint 0x553e
ObjectFileType Dynamic link library

File identification
MD5 edf51b7c2507590d697e0899c0cadcb5
SHA1 b59b8c306917ba92c48abba83992e09e9146336c
SHA256 b3913d567ca228ac32cd35b5d6245393d2b2c1d1c40a60edc55ea7a521f96694
ssdeep 6144:9AKLo20Yi4qqavLoz4cbcJZeCb8Zyf5RmJugB5ejkcWv:9Ls20YivgtQJZeK8ZI5RmsgB5eEv
authentihash cfdceaf9755d7c282e233c3cef62762960ac8fd3d826912c85804d4f14c23f69
imphash f3353b7c6f6c775d70a27ef6b7579f29
File size 465.0 KB ( 476160 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags peexe

VirusTotal metadata
First submission 2014-11-07 12:11:19 UTC (4 years, 6 months ago)
Last submission 2018-03-25 05:26:23 UTC (1 year, 1 month ago)
File names EDF51B7C2507590D697E0899C0CADCB5
ozxxyqyp
nvStView.exe
edf51b7c2507590d697e0899c0cadcb5
b3913d567ca228ac32cd35b5d6245393d2b2c1d1c40a60edc55ea7a521f96694.exe.000
Info.Pdf_____________________________________________________________.exe
Info.Pdf.exe
Payment.exe
Payment.Pdf_____________________________________________________________.exe
Account.exe
Invoice.Pdf_____________________________________________________________.exe
b3913d567ca228ac32cd35b5d6245393d2b2c1d1c40a60edc55ea7a521f96694.bin
edf51b7c2507590d697e0899c0cadcb5.exe
Invoice
info2.pdf
info_pdf.exe
b59b8c306917ba92c48abba83992e09e9146336c.exe.vir
Payment.Pdf.exe
Account.Pdf_____________________________________________________________.exe
nodomainrux.bin
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Created processes
Opened mutexes
Runtime DLLs