SHA256: a2fec44b5bc4abdb7c21589a107e379b49f7b4e559d16a1a4bcd6d06ceacfbea
File name: report_{DIGIT[12]}.exe
Detection ratio: 9 / 46
Analysis date: 2013-08-16 15:07:34 UTC ( 5 years, 9 months ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Tepfer 20130816
Comodo Heur.Packed.Unknown 20130816
ESET-NOD32 Win32/Kryptik.BIEP 20130816
Kaspersky UDS:DangerousObject.Multi.Generic 20130816
Malwarebytes Malware.Packer.ORPC 20130816
McAfee PWS-Zbot-FBDT!6EBF2EA3DB16 20130816
McAfee-GW-Edition Artemis!6EBF2EA3DB16 20130816
Rising Backdoor.Agent!5632 20130816
Symantec Suspicious.Cloud.5 20130816
Yandex 20130816
AntiVir 20130816
Antiy-AVL 20130816
Avast 20130816
AVG 20130816
BitDefender 20130816
ByteHero 20130814
CAT-QuickHeal 20130816
ClamAV 20130816
Commtouch 20130816
DrWeb 20130816
Emsisoft 20130816
F-Prot 20130816
F-Secure 20130816
Fortinet 20130816
GData 20130816
Ikarus 20130816
Jiangmin 20130816
K7AntiVirus 20130816
K7GW 20130816
Kingsoft 20130723
Microsoft 20130816
eScan 20130816
NANO-Antivirus 20130816
Norman 20130816
nProtect 20130816
Panda 20130816
PCTools 20130816
Sophos AV 20130816
SUPERAntiSpyware 20130816
TheHacker 20130816
TotalDefense 20130815
TrendMicro 20130816
TrendMicro-HouseCall 20130816
VBA32 20130816
VIPRE 20130816
ViRobot 20130816
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-06-16 11:22:34
Entry Point 0x000016A3
Number of sections 4
PE sections
PE imports
SetVolumeLabelW
CreateFileMappingW
CreatePipe
LoadLibraryA
GetConsoleAliasA
GetShortPathNameW
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
DeviceIoControl
DeleteFileA
CreateSemaphoreW
SetCurrentDirectoryA
GetProcessHeap
CreateMailslotA
GetACP
FatalExit
VirtualAlloc
GetModuleHandleW
WriteConsoleW
SetEnvironmentVariableA
ShowModelessHTMLDialog
ShowModalDialog
ShowHTMLDialog
DllEnumClassObjects
Number of PE resources by type
RT_ICON 1
Struct(25) 1
RT_RCDATA 1
RT_GROUP_ICON 1
Number of PE resources by language
FRENCH BELGIAN 4
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2013:06:16 12:22:34+01:00
FileType Win32 EXE
PEType PE32
CodeSize 2048
LinkerVersion 2.25
FileTypeExtension exe
InitializedDataSize 512
SubsystemVersion 5.1
EntryPoint 0x16a3
OSVersion 5.1
ImageVersion 0.0
UninitializedDataSize 0

Compressed bundles
File identification
MD5 6ebf2ea3db16b3e912068d0a9e33320e
SHA1 07688bfe300462086f6736ca5ed0cc702cc0a5ba
SHA256 a2fec44b5bc4abdb7c21589a107e379b49f7b4e559d16a1a4bcd6d06ceacfbea
ssdeep 1536:RtMISMA7uEfgQuUUGMFp/C/p9S+qnQzmrSCNMi3kVkt3/y3oCf1YLyg+hqGlxZkD:Rt+I9Zgx4+I1aY+wyVN+dvJx

authentihash 17b33045405a482c928263ec5a4da2c49d99d4e0b5b2eebe25963b961de881a2
imphash 4fc93914c5e77080e655befbc2091181
File size 116.5 KB ( 119296 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.2%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe

VirusTotal metadata
First submission 2013-08-16 13:49:04 UTC ( 5 years, 9 months ago )
Last submission 2017-12-06 18:31:07 UTC ( 1 year, 5 months ago )
File names vt-upload-vz3tv
ADP_week_invoice.exe
vt-upload-6xjob
report_{DIGIT[12]}.exe
ADP_week_invoice.exe_
malekal_6ebf2ea3db16b3e912068d0a9e33320e
file-5834443_exe-
vt-upload-ihZgh
vt-upload-OzCGs
vt-upload-C6xsh
ADP_week_invoice
6ebf2ea3db16b3e912068d0a9e33320e.exe
report_{DIGIT[12]}.exe
6ebf2ea3db16b3e912068d0a9e33320e
ADP_week_invoice.exe-
007669482