SHA256: e293278b7a6654dad2ef23b6f07fd419a9a4711b6fa5b087066be89911b34df1
File name: boese.datei
Detection ratio: 15 / 45
Analysis date: 2013-07-17 13:58:24 UTC (5 years, 10 months ago)
Antivirus Result Update
AntiVir TR/Yakes.cxml 20130717
Avast Win32:LockScreen-ABY [Trj] 20130717
AVG Generic33.CLHN 20130717
DrWeb Trojan.Siggen5.36824 20130717
ESET-NOD32 Win32/LockScreen.AVP 20130717
Fortinet W32/Yakes.CXML!tr 20130717
Kaspersky Trojan.Win32.Yakes.cxml 20130717
Kingsoft Win32.Troj.Agent.cg.(kcloud) 20130708
Malwarebytes Trojan.Ransom 20130717
McAfee Ransom-FCLP!5CC7CAEE0065 20130717
McAfee-GW-Edition Artemis!5CC7CAEE0065 20130717
Sophos AV Mal/Generic-S 20130717
TrendMicro-HouseCall TROJ_GEN.R047H01GG13 20130717
VBA32 OScope.Malware-Cryptor.Mystig 20130717
VIPRE Trojan.Win32.Generic!BT 20130717
Yandex 20130717
AhnLab-V3 20130717
Antiy-AVL 20130717
BitDefender 20130717
ByteHero 20130613
CAT-QuickHeal 20130717
ClamAV 20130717
Commtouch 20130717
Comodo 20130717
Emsisoft 20130717
eSafe 20130714
F-Prot 20130717
F-Secure 20130717
GData 20130717
Ikarus 20130717
Jiangmin 20130717
K7AntiVirus 20130716
K7GW 20130716
Microsoft 20130717
eScan 20130717
NANO-Antivirus 20130717
Norman 20130716
nProtect 20130717
Panda 20130717
PCTools 20130717
Rising 20130717
SUPERAntiSpyware 20130717
Symantec 20130717
TheHacker 20130717
TotalDefense 20130717
TrendMicro 20130717
ViRobot 20130717
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-02-29 04:18:23
Entry Point 0x00006078
Number of sections 5
PE sections
PE imports
GetUserDefaultUILanguage
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
GetConsoleOutputCP
SetHandleCount
LoadLibraryA
LoadLibraryW
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
HeapAlloc
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
RtlUnwind
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetEnvironmentStrings
GetConsoleMode
GetLocaleInfoA
GetCurrentProcessId
LCMapStringW
GetCommandLineW
GetCPInfo
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
GetTickCount
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
GetStringTypeA
GetProcessHeap
SetStdHandle
InitializeCriticalSection
WideCharToMultiByte
GetModuleFileNameW
TlsFree
SetFilePointer
SetUnhandledExceptionFilter
WriteFile
GetCurrentProcess
CloseHandle
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
TerminateProcess
LCMapStringA
WriteConsoleA
IsValidCodePage
HeapCreate
SetLastError
CreateFileW
VirtualFree
TlsGetValue
Sleep
GetFileType
GetFullPathNameW
TlsSetValue
CreateFileA
ExitProcess
GetCurrentThreadId
LeaveCriticalSection
VirtualAlloc
WriteConsoleW
InterlockedIncrement
CommandLineToArgvW
StrCmpW
PathRemoveFileSpecW
PathAppendW
MessageBoxExW
Ord(90)
Number of PE resources by type
RT_ICON 2
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 3
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2012:02:29 05:18:23+01:00
FileType Win32 EXE
PEType PE32
CodeSize 32256
LinkerVersion 9.0
EntryPoint 0x6078
InitializedDataSize 97792
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0

File identification
MD5 5cc7caee00652f43a04e541721b06d49
SHA1 3b2d155cf208bab279afc6562473c3a0fb085504
SHA256 e293278b7a6654dad2ef23b6f07fd419a9a4711b6fa5b087066be89911b34df1
ssdeep 1536:sQde8YPE884zm53MWqtl80MeRM6CRIBCKC5aEuHO4zOYnzf9gx0N:c8sm53el8aRM6RBDKGOs/n5g
File size 128.0 KB ( 131072 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe
VirusTotal metadata
First submission 2013-07-16 13:54:14 UTC (5 years, 10 months ago)
Last submission 2013-07-24 14:42:40 UTC (5 years, 10 months ago)
File names boese.datei
vti-rescan
cache.dat
e293278b7a6654dad2ef23b6f07fd419a9a4711b6fa5b087066be89911b34df1
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight