SHA256: c850d7f22d3e8c5ef01443c06f30bc05cd07a14997a1a0bc9d8cfeedebb05f73
File name: fd87ebee4969e0bf34e5994b278ef710.exe
Detection ratio: 27 / 50
Analysis date: 2016-07-01 06:20:46 UTC (2 years, 10 months ago)
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Agent.N2036094375 20160701
Antiy-AVL Trojan/Win32.TSGeneric 20160701
Arcabit Trojan.Generic.D3338C7 20160701
Avast Win32:Rootkit-gen [Rtk] 20160701
AVG Generic_s.IEV 20160701
Avira (no cloud) TR/Crypt.ZPACK.irkb 20160701
AVware Trojan.Win32.Generic!BT 20160701
Baidu Win32.Trojan.WisdomEyes.151026.9950.9999 20160701
BitDefender Trojan.GenericKD.3356871 20160701
DrWeb Trojan.Siggen6.58358 20160701
Emsisoft Trojan.Win32.MalPack (A) 20160701
ESET-NOD32 Win32/TrojanDownloader.Agent.CFH 20160701
F-Secure Trojan.GenericKD.3356871 20160701
GData Trojan.GenericKD.3356871 20160701
Ikarus Trojan.Win32.Crypt 20160701
K7AntiVirus Trojan-Downloader ( 004e137c1 ) 20160701
K7GW Trojan-Downloader ( 004e137c1 ) 20160701
Kaspersky UDS:DangerousObject.Multi.Generic 20160701
Malwarebytes Trojan.MalPack 20160701
McAfee RDN/Generic Downloader.x 20160701
McAfee-GW-Edition BehavesLike.Win32.Backdoor.cc 20160701
Microsoft TrojanDownloader:Win32/Talalpek.A 20160701
Panda Trj/GdSda.A 20160701
Qihoo-360 QVM20.1.Malware.Gen 20160701
Sophos AV Mal/Generic-S 20160701
VIPRE Trojan.Win32.Generic!BT 20160701
ViRobot Trojan.Win32.S.Agent.106496.ALA[h] 20160701
AegisLab 20160701
Alibaba 20160701
Baidu-International 20160614
CAT-QuickHeal 20160701
ClamAV 20160701
CMC 20160630
Comodo 20160701
Cyren 20160701
F-Prot 20160701
Fortinet 20160701
Jiangmin 20160701
Kingsoft 20160701
NANO-Antivirus 20160701
SUPERAntiSpyware 20160701
Symantec 20160701
Tencent 20160705
TheHacker 20160630
TotalDefense 20160701
TrendMicro 20160701
TrendMicro-HouseCall 20160701
VBA32 20160701
Zillya 20160701
Zoner 20160701
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-07-14 10:54:05
Entry Point 0x000173C7
Number of sections 4
PE sections
PE imports
CopyFileW
CreateWaitableTimerA
CompareStringW
GetTickCount
ReplaceFileW
RemoveDirectoryA
WaitForSingleObjectEx
GetSystemDirectoryA
GetDiskFreeSpaceA
GetDateFormatA
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
CreateHardLinkA
MoveFileExW
GetModuleHandleA
ReadFile
WriteFile
GetStartupInfoA
CreateMutexW
lstrcpynA
FindNextFileA
GetACP
HeapReAlloc
lstrcatW
GetBinaryTypeA
MoveFileA
GetNumberFormatA
OpenEventW
GetLogicalDriveStringsW
InterlockedDecrement
QueryDosDeviceW
CreateFileA
WriteConsoleW
OneXInitialize
OneXCopyAuthParams
OneXFreeMemory
OneXAddTLV
OneXDeInitialize
ExtractIconA
FindExecutableA
DragQueryFileW
SHChangeNotify
DragQueryPoint
SHFileOperationA
SHGetDiskFreeSpaceA
SHBindToObject
SHFree
StrChrA
SHGetDataFromIDListA
ShellMessageBoxA
ExtractAssociatedIconA
DllRegisterServer
SHGetMalloc
ShellAboutA
DragFinish
DrawThemeEdge
GetThemeColor
GetCurrentThemeName
GetThemeEnumValue
OpenThemeData
CloseThemeData
GetThemeSysSize
GetWindowTheme
GetThemeBool
SetWindowTheme
GetThemeTextMetrics
Number of PE resources by type
RT_RCDATA 1
Number of PE resources by language
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2012:07:14 11:54:05+01:00
FileType Win32 EXE
PEType PE32
CodeSize 96256
LinkerVersion 6.0
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
EntryPoint 0x173c7
InitializedDataSize 9216
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0

File identification
MD5 fd87ebee4969e0bf34e5994b278ef710
SHA1 95d18d4da36c89d733c0a424fd748ef42e6e2275
SHA256 c850d7f22d3e8c5ef01443c06f30bc05cd07a14997a1a0bc9d8cfeedebb05f73
ssdeep 1536:hSm93TjzWze/8yUOqwzNdMvQ43se0hG1cmgp7JW33LqLkFrc3/K27TcEB+s6YYeo:hf97SfwzPmQwgp7JC3Lfhocn34y
authentihash 5eeb848541fdce6b4ebde3316151094e27c852e72bbb952471accb1bd4197228
imphash 83b8b65828e0033e6524ad412616ec24
File size 104.0 KB ( 106496 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2016-06-29 09:23:09 UTC (2 years, 10 months ago)
Last submission 2018-10-09 12:32:41 UTC (7 months, 2 weeks ago)
File names 2016-06-29-Rig-EK-payload-after-glamgirltube.tk.exe
b010h.exe
fd87ebee4969e0bf34e5994b278ef710.exe
fd87ebee4969e0bf34e5994b278ef710
PE-FD87EBEE4969E0BF34E5994B278EF710
dgm688s.exe
6588.tmp
glamgirltube.tk.exe1
Rig-EK-payload-after-glamgirltube.tk.exe
ECC3.tmp