SHA256: e09c82eac237e40cf574a95f817531cfb055da9f693223ec22460c31a612bf00
File name: a2.exe
Detection ratio: 38 / 55
Analysis date: 2016-06-25 17:05:47 UTC (2 years, 11 months ago)
Antivirus Result Update
Ad-Aware Trojan.Agent.BTDF 20160625
AegisLab Troj.W32.Generic!c 20160624
AhnLab-V3 Malware/Win32.Generic.C1456358 20160625
ALYac Trojan.Agent.BTDF 20160625
Arcabit Trojan.Agent.BTDF 20160625
Avast Win32:Malware-gen 20160625
AVG Generic_s.HMO 20160625
Avira (no cloud) TR/AD.Boaxxe.Y.imom 20160625
AVware Trojan.Win32.Generic!BT 20160625
BitDefender Trojan.Agent.BTDF 20160625
Cyren W32/Trojan.YDAF-6203 20160625
DrWeb Trojan.Boaxxe.484 20160625
Emsisoft Trojan.Agent.BTDF (B) 20160625
ESET-NOD32 Win32/Boaxxe.EJ 20160625
F-Secure Trojan.Agent.BTDF 20160625
Fortinet W32/Generik.JITBFJV!tr 20160625
GData Trojan.Agent.BTDF 20160625
Ikarus Trojan.Win32.Boaxxe 20160625
Jiangmin Trojan.Generic.ymfh 20160625
K7AntiVirus Trojan ( 004ee41b1 ) 20160625
K7GW Trojan ( 004ee41b1 ) 20160625
Kaspersky HEUR:Trojan.Win32.Generic 20160625
Malwarebytes Trojan.Downloader 20160625
McAfee GenericR-HKM!4BDD2B5CF9C4 20160625
McAfee-GW-Edition BehavesLike.Win32.Ramnit.cc 20160625
Microsoft Trojan:Win32/Dynamer!ac 20160625
eScan Trojan.Agent.BTDF 20160625
NANO-Antivirus Trojan.Win32.Boaxxe.edbfyb 20160625
nProtect Trojan.Agent.BTDF 20160624
Panda Trj/GdSda.A 20160625
Qihoo-360 HEUR/QVM19.1.Malware.Gen 20160625
Sophos AV Mal/Generic-S 20160625
Symantec Trojan.Gen 20160625
Tencent Win32.Trojan.Generic.Pgxh 20160625
TrendMicro TROJ_GEN.R00XC0VEA16 20160625
VIPRE Trojan.Win32.Generic!BT 20160625
Yandex Trojan.Boaxxe!CqD/bt2w5/0 20160625
Zillya Trojan.Kryptik.Win32.882817 20160624
Alibaba 20160624
Antiy-AVL 20160625
Baidu 20160624
Baidu-International 20160614
Bkav 20160625
CAT-QuickHeal 20160625
ClamAV 20160625
CMC 20160620
Comodo 20160625
F-Prot 20160625
Kingsoft 20160625
SUPERAntiSpyware 20160625
TheHacker 20160625
TrendMicro-HouseCall 20160625
VBA32 20160624
ViRobot 20160625
Zoner 20160625
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Unpeel Luce
Product knub reprive
Original name knub.exe
Internal name knub
File version 3.9
Description knub melicoccus xix
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-08-04 11:34:41
Entry Point 0x0001AD0C
Number of sections 6
PE sections
PE imports
GetTokenInformation
RegEnumValueW
CryptVerifySignatureW
EqualSid
ClusterResourceTypeCloseEnum
ClusterControl
OpenClusterNetwork
ClusterRegEnumValue
SetClusterNetworkPriorityOrder
BackupClusterDatabase
AddClusterResourceNode
lstrcpynW
HeapFree
GetSystemDirectoryW
Process32First
WriteFile
SetProcessPriorityBoost
CreateDirectoryExA
GetTempPathW
HeapAlloc
GetThreadLocale
ReadProcessMemory
lstrcmpiW
SetNamedPipeHandleState
VirtualAlloc
lstrlenW
Process32Next
GetProcessHeap
malloc
__p__wenviron
tolower
mblen
sqrt
cosh
atan2
isalpha
free
exp
isupper
atof
memcpy
GetClientRect
GetFocus
GetUserObjectInformationA
DispatchMessageW
UpdateWindow
SpInstanceInit
CredentialUpdateNotify
SpLsaModeInitialize
SpInitialize
CredentialUpdateRegister
CredentialUpdateFree
SpUserModeInitialize
Number of PE resources by type
RT_DIALOG 3
RT_STRING 2
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 8
PE resources
ExifTool file metadata
SubsystemVersion 5.0
InitializedDataSize 92672
ImageVersion 0.0
ProductName knub reprive
FileVersionNumber 3.9.0.54199
UninitializedDataSize 4096
LanguageCode English (U.S.)
FileFlagsMask 0x003f
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
LinkerVersion 8.0
FileTypeExtension exe
OriginalFileName knub.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 3.9
TimeStamp 2010:08:04 12:34:41+01:00
FileType Win32 EXE
PEType PE32
InternalName knub
ProductVersion 3.9
FileDescription knub melicoccus xix
OSVersion 5.0
FileOS Win32
LegalCopyright Unpeel Luce
MachineType Intel 386 or later, and compatibles
CompanyName Unpeel Luce
CodeSize 10752
FileSubtype 0
ProductVersionNumber 3.9.0.54199
EntryPoint 0x1ad0c
ObjectFileType Executable application

File identification
MD5 4bdd2b5cf9c497cd1f36451186c5f4ba
SHA1 98c2a68da528050d8c74c1eaec36e97fba3ce659
SHA256 e09c82eac237e40cf574a95f817531cfb055da9f693223ec22460c31a612bf00
ssdeep 1536:8eDJw2YZHQcExuh4pnHlXbwgQYbNSjsHNvfmL69IgET5yDhsl/IeSseABq1IdCF0:PDJwjjAnHu3YbzNn+gEtfIeSspqJw
authentihash c65bdabeb724f4d15bd0a24d0ae55caf9ccb16e5fcde4ffa46ef484f86c21beb
imphash ce35fd692c847c12c278c52500ddae57
File size 102.0 KB ( 104448 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2016-05-05 20:55:51 UTC (3 years ago)
Last submission 2016-06-25 17:05:47 UTC (2 years, 11 months ago)
File names 3898e9.png
aa
VW1L5OfET.wsf
VirusShare_4bdd2b5cf9c497cd1f36451186c5f4ba
a2.exe
knub
e96.png
4bdd2b5cf9c497cd1f36451186c5f4ba
knub.exe
8.png
a2.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Opened mutexes
Runtime DLLs
UDP communications