SHA256: 7546df1244096b3c70f7f5da33d367ce43bf4bfd397568a4adf51a23fa3cd0af
File name: Getdesigntimehtml
Detection ratio: 36 / 60
Analysis date: 2017-05-04 21:06:51 UTC ( 3 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.4938715 20170504
AegisLab Uds.Dangerousobject.Multi!c 20170504
AhnLab-V3 Win-Trojan/Sagecrypt.Gen 20170504
Arcabit Trojan.Generic.D4B5BDB 20170504
Avast Win32:Rootkit-gen [Rtk] 20170504
AVG SHeur4.COBG 20170504
Avira (no cloud) TR/AD.MalwareCrypter.bcorp 20170504
AVware Trojan.Win32.Generic!BT 20170504
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9920 20170503
BitDefender Trojan.GenericKD.4938715 20170504
CAT-QuickHeal Trojan.Injector 20170504
Comodo TrojWare.Win32.Pliskal.~C 20170504
Cyren W32/Trojan.UTNE-1555 20170504
Emsisoft Trojan.GenericKD.4938715 (B) 20170504
Endgame malicious (high confidence) 20170503
ESET-NOD32 Win32/Pliskal.C 20170504
F-Secure Trojan.GenericKD.4938715 20170504
Fortinet W32/Reconyc.C!tr 20170504
GData Trojan.GenericKD.4938715 20170504
Ikarus Trojan.Win32.Pliskal 20170504
Sophos ML virus.win32.sality.at 20170413
K7AntiVirus Trojan ( 004f84e91 ) 20170504
Kaspersky Trojan.Win32.Reconyc.hxnx 20170504
Malwarebytes Trojan.Downloader 20170504
McAfee Artemis!6ADF3E734F3C 20170504
McAfee-GW-Edition BehavesLike.Win32.Dropper.dh 20170504
Microsoft TrojanDownloader:Win32/Drelotent.A 20170504
eScan Trojan.GenericKD.4938715 20170504
Palo Alto Networks (Known Signatures) generic.ml 20170504
Panda Trj/CI.A 20170504
Sophos AV Mal/Generic-S 20170504
Symantec Trojan Horse 20170504
Tencent Win32.Trojan.Reconyc.Wskt 20170504
VIPRE Trojan.Win32.Generic!BT 20170504
Yandex Trojan.Reconyc! 20170504
ZoneAlarm by Check Point Trojan.Win32.Reconyc.hxnx 20170504
Alibaba 20170504
ALYac 20170504
ClamAV 20170504
CMC 20170504
CrowdStrike Falcon (ML) 20170130
DrWeb 20170504
F-Prot 20170504
Jiangmin 20170504
K7GW 20170426
Kingsoft 20170504
NANO-Antivirus 20170504
nProtect 20170504
Qihoo-360 20170504
Rising 20170501
SentinelOne (Static ML) 20170330
SUPERAntiSpyware 20170504
Symantec Mobile Insight 20170504
TheHacker 20170504
TotalDefense 20170504
TrendMicro 20170504
TrendMicro-HouseCall 20170504
VBA32 20170504
ViRobot 20170504
Webroot 20170504
WhiteArmor 20170502
Zillya 20170504
Zoner 20170504
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2013. All rights reserved.

Product Getdesigntimehtml
Original name Getdesigntimehtml.exe
Internal name Getdesigntimehtml
File version 9.3.6.4
Description Blue Password
Comments Blue Password
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-04-23 14:26:57
Entry Point 0x0000548F
Number of sections 4
PE sections
PE imports
ImageList_Create
ImageList_Add
GetOutlineTextMetricsA
DeleteDC
SetBkMode
SelectObject
GetNearestPaletteIndex
GetStockObject
CreateBitmap
SetWindowExtEx
DeleteObject
CombineRgn
BitBlt
CreateCompatibleDC
SetViewportExtEx
CreateCompatibleBitmap
SetTextColor
SetMapMode
CreateToolhelp32Snapshot
GetLastError
InterlockedDecrement
HeapFree
GetStdHandle
EnterCriticalSection
GetConsoleOutputCP
GetVersionExA
SetHandleCount
lstrlenA
LoadLibraryW
GetConsoleCP
GetOEMCP
LCMapStringA
HeapDestroy
HeapAlloc
TlsAlloc
GlobalUnlock
GetEnvironmentStringsW
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetEnvironmentStrings
GetFileType
GetConsoleMode
GetLocaleInfoA
GetFileSize
LCMapStringW
WideCharToMultiByte
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
HeapSize
InterlockedIncrement
FreeEnvironmentStringsW
GetConsoleTitleA
GetCommandLineA
GlobalLock
TlsFree
GetLocaleInfoW
SetStdHandle
GetModuleHandleA
RaiseException
GetCPInfo
GetStringTypeA
SetFilePointer
ReadFile
SetUnhandledExceptionFilter
lstrcpyA
GetStartupInfoA
CloseHandle
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
GetStringTypeW
GetProcAddress
ExitProcess
TerminateProcess
QueryPerformanceCounter
WriteConsoleA
InitializeCriticalSection
HeapCreate
WriteFile
GlobalAlloc
VirtualFree
IsDebuggerPresent
Sleep
SetLastError
TlsSetValue
CreateFileA
GetTickCount
GetCurrentThreadId
GetProcessHeap
VirtualAlloc
GetCurrentProcessId
WriteConsoleW
LeaveCriticalSection
GradientFill
RpcObjectSetType
RpcProtseqVectorFreeA
RpcNsBindingInqEntryNameW
Ord(155)
SHOpenFolderAndSelectItems
SHGetDesktopFolder
Ord(189)
ShellExecuteA
PathFindFileNameA
PathIsDirectoryA
PathRemoveFileSpecA
PathAppendA
DrawTextA
EndDialog
OffsetRect
CheckRadioButton
PostQuitMessage
DefWindowProcA
FindWindowA
SendDlgItemMessageA
IsWindow
GetWindowRect
SetMenu
SetDlgItemTextA
GetDlgItemTextA
AppendMenuW
CheckDlgButton
ReleaseDC
CreatePopupMenu
GetWindowTextLengthA
SendMessageA
GetClientRect
CreateMenu
GetDlgItem
wsprintfA
FindWindowExA
CreateWindowExA
IsDlgButtonChecked
GetWindowTextA
DialogBoxIndirectParamA
PtInRect
CreateEnvironmentBlock
CreateStreamOnHGlobal
CoTaskMemAlloc
PdhAddCounterW
Number of PE resources by type
RT_STRING 12
RT_ICON 6
RCDATA 4
AFX 3
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 28
PE resources
ExifTool file metadata
LegalTrademarks
Copyright 2013. All rights reserved.

SubsystemVersion
4.0

Comments
Blue Password

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
9.3.6.4

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Blue Password

CharacterSet
Unicode

InitializedDataSize
151552

PrivateBuild
9.3.6.4

EntryPoint
0x548f

OriginalFileName
Getdesigntimehtml.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2013. All rights reserved.

FileVersion
9.3.6.4

TimeStamp
2017:04:23 15:26:57+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Getdesigntimehtml

ProductVersion
9.3.6.4

UninitializedDataSize
0

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
BreakPoint Software, Inc.

CodeSize
77824

ProductName
Getdesigntimehtml

ProductVersionNumber
9.3.6.4

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 6adf3e734f3c8e908a879de28c179890
SHA1 81e16ad5667bebc977fa0591c39c9c27adff56f3
SHA256 7546df1244096b3c70f7f5da33d367ce43bf4bfd397568a4adf51a23fa3cd0af
ssdeep
3072:hyf594pFIKv3mweK5OnotZ4ucxy2ZoEkp4gYDkRYY3A51w+:8f/i6wl5FZwy2ZCYcYNT

authentihash 3e10c4f6159f234f23e364aa7142103225024f7893763db865af7408cfb9c25c
imphash 0656aea2952250495cc799e0712b679c
File size 228.0 KB ( 233472 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe

VirusTotal metadata
First submission 2017-04-25 21:07:13 UTC ( 3 months, 3 weeks ago )
Last submission 2017-04-27 01:27:35 UTC ( 3 months, 3 weeks ago )
File names 2017-04-26_02-01-45.bin
Getdesigntimehtml
Getdesigntimehtml.exe
A.exe
Win32.Trojan.Agent@7546df1244096b3c70f7f5da33d367ce43bf4bfd397568a4adf51a23fa3cd0af.bin
Advanced heuristic and reputation engines
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Copied files
Deleted files
Created processes
Shell commands
Code injections in the following processes
Created mutexes
Opened mutexes
Searched windows
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications