SHA256: 40260e01b9ed71d41c651209f74a08f77a7dcb65423dfa6bff94dd8c0348d5af
File name: Label_11052013.exe
Detection ratio: 6 / 46
Analysis date: 2013-11-05 15:41:46 UTC ( 5 years, 6 months ago )
Antivirus Result Update
Commtouch W32/Trojan.YYQO-3752 20131105
Kaspersky UDS:DangerousObject.Multi.Generic 20131105
Malwarebytes Trojan.Email.FA 20131105
McAfee PWSZbot-FIT!F84D8EEFCAF5 20131105
McAfee-GW-Edition Artemis!F84D8EEFCAF5 20131105
Norman Small.LT 20131105
Yandex 20131105
AhnLab-V3 20131105
AntiVir 20131105
Antiy-AVL 20131101
Avast 20131105
AVG 20131105
Baidu-International 20131105
BitDefender 20131105
Bkav 20131105
ByteHero 20131105
CAT-QuickHeal 20131105
ClamAV 20131105
Comodo 20131105
DrWeb 20131105
Emsisoft 20131105
ESET-NOD32 20131105
F-Prot 20131105
F-Secure 20131105
Fortinet 20131105
GData 20131105
Ikarus 20131105
Jiangmin 20131105
K7AntiVirus 20131105
K7GW 20131105
Kingsoft 20130829
Microsoft 20131105
eScan 20131028
NANO-Antivirus 20131105
nProtect 20131105
Panda 20131105
Rising 20131105
Sophos AV 20131105
SUPERAntiSpyware 20131105
Symantec 20131105
TheHacker 20131105
TotalDefense 20131104
TrendMicro 20131105
TrendMicro-HouseCall 20131105
VBA32 20131105
VIPRE 20131105
ViRobot 20131105
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-11-05 10:07:39
Entry Point 0x0000151E
Number of sections 4
PE sections
PE imports
CreateFontIndirectA
CreatePen
BitBlt
GetLastError
GetCurrentProcess
GetCurrentProcessId
GetModuleHandleA
FindFirstFileA
DeleteFileA
FindClose
GetCommandLineA
GetCurrentThreadId
SetFocus
GetMessageA
CreateWindowExA
GetWindowRect
DispatchMessageA
FillRect
TranslateMessage
MoveWindow
SendMessageA
PostQuitMessage
DefWindowProcA
ShowWindow
UpdateWindow
GetDC
RegisterClassExA
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 3
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2013:11:05 11:07:39+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
10240

LinkerVersion
9.0

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

EntryPoint
0x151e

InitializedDataSize
14336

SubsystemVersion
5.1

ImageVersion
0.0

OSVersion
5.1

UninitializedDataSize
0

File identification
MD5 f84d8eefcaf542c19f8a7189783cfd46
SHA1 6533b2dac3c3aedbbf668b3ec8aea219aaedd599
SHA256 40260e01b9ed71d41c651209f74a08f77a7dcb65423dfa6bff94dd8c0348d5af
ssdeep
768:8Qv/YOZIgQtz8GEkT9oe2lxUCuwE3u89MtdEI2MyzNORQtOflIwoHNM2XBFV7WBR:tv/pZIgQtz8GEkT9oe2lxUC9E3tMtdEY

authentihash bb0687114833f35883c6e04a138112915015f6720f17163bdd04046cd3a6685c
imphash 2121fd23b453f538ab8eb2236aa5f534
File size 25.0 KB ( 25600 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2013-11-05 14:26:41 UTC ( 5 years, 6 months ago )
Last submission 2018-10-09 15:47:41 UTC ( 7 months, 2 weeks ago )
File names Label_11052013.exe.malware
Label_11052013.exe
007072299
c-e2f91-569-1383661503
Case_11052013.exe
40260e01b9ed71d41c651209f74a08f77a7dcb65423dfa6bff94dd8c0348d5af
Scan_002_28378181_129.exe
919081fe97a20e9fb0253f733aebc66032659744
f84d8eefcaf542c19f8a7189783cfd46.exe
6533b2dac3c3aedbbf668b3ec8aea219aaedd599
Case_11052013.ex_
f84d8eefcaf542c19f8a7189783cfd46
file-6171007_exe
Advanced heuristic and reputation engines