SHA256: fa877e587e5ae611d3a1f6c27cc2629efcaebad39084bc3a6fb1496b076c643d
File name: 442074293440-1116-084755-242.exe
Detection ratio: 11 / 47
Analysis date: 2013-11-15 17:44:21 UTC ( 5 years, 6 months ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Agent 20131115
AVG Crypt_s.ESB 20131115
BitDefender Gen:Variant.Kazy.291782 20131115
Commtouch W32/Trojan.ESFI-0526 20131115
Emsisoft Gen:Variant.Kazy.291782 (B) 20131115
GData Gen:Variant.Kazy.291782 20131115
Kaspersky UDS:DangerousObject.Multi.Generic 20131115
Malwarebytes Trojan.Dropper 20131115
McAfee Downloader-FWJ!0AC74872CF5A 20131115
McAfee-GW-Edition Heuristic.LooksLike.Win32.Suspicious.J!81 20131114
eScan Gen:Variant.Kazy.291782 20131115
Yandex 20131114
AntiVir 20131115
Antiy-AVL 20131115
Avast 20131115
Baidu-International 20131115
Bkav 20131115
ByteHero 20131114
CAT-QuickHeal 20131115
ClamAV 20131115
Comodo 20131115
DrWeb 20131115
ESET-NOD32 20131115
F-Prot 20131115
F-Secure 20131115
Fortinet 20131115
Ikarus 20131115
Jiangmin 20131115
K7AntiVirus 20131115
K7GW 20131115
Kingsoft 20130829
Microsoft 20131115
NANO-Antivirus 20131115
Norman 20131115
nProtect 20131115
Panda 20131115
Rising 20131115
Sophos AV 20131115
SUPERAntiSpyware 20131115
Symantec 20131115
TheHacker 20131115
TotalDefense 20131114
TrendMicro 20131115
TrendMicro-HouseCall 20131115
VBA32 20131115
VIPRE 20131115
ViRobot 20131115
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2005-03-11 02:30:41
Entry Point 0x00001443
Number of sections 4
PE sections
PE imports
GetLengthSid
GetUserNameA
CopySid
RegQueryValueExA
RegOpenKeyA
ExcludeClipRect
UpdateColors
GetTextExtentExPointA
CreateBitmap
GetTextExtentPoint32A
CreateFontA
GetStockObject
TextOutA
CreateFontIndirectA
GetTextMetricsA
CreateSolidBrush
Rectangle
IntersectClipRect
SetBkColor
CreateCompatibleDC
DeleteObject
RealizePalette
SetTextColor
ImmGetContext
ImmGetCompositionStringW
ImmSetCompositionWindow
ImmSetCompositionFontA
acmDriverID
acmStreamOpen
GetModuleHandleA
HeapCreate
FreeLibrary
HeapAlloc
ExitProcess
GetProcAddress
GetMessageA
GetDoubleClickTime
LoadIconA
UpdateWindow
GetQueueStatus
PostQuitMessage
DefWindowProcA
RegisterClassA
Number of PE resources by type
RT_ICON 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 2
ENGLISH US 2
PE resources
ExifTool file metadata
LegalTrademarks
Legal

SubsystemVersion
5.1

InitializedDataSize
17408

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
5.2.1.2

LanguageCode
Neutral 2

FileFlagsMask
0x0000

CharacterSet
Unknown (0025)

LinkerVersion
10.0

EntryPoint
0x1443

OriginalFileName
gog.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2010

FileVersion
5.2.1.2

TimeStamp
2005:03:11 02:30:41+00:00

FileType
Win32 EXE

PEType
PE32

InternalName
go.exe

FileDescription
go .exe

ProductVersion
5.2.1.3

UninitializedDataSize
0

OSVersion
5.1

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
MS Corp

CodeSize
1536

ProductName
Go

ProductVersionNumber
5.2.1.3

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 0ac74872cf5acd21a8424faa599d4f85
SHA1 d80f06a621db254ac3c68e2e309cf1f342f0b83c
SHA256 fa877e587e5ae611d3a1f6c27cc2629efcaebad39084bc3a6fb1496b076c643d
ssdeep 384:K1GXr3fNdv1DmTJi8GPBICtgXj9/bhh8yzeN:JXr3FBPmT9tKye

authentihash 8da552984441ed27dc7b7d5574aa5c2aa000659dcf8da0ef22dd07a9ba8ae3a9
imphash 39b2903b7498188e4955572bbeb0f3fe
File size 19.5 KB ( 19968 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (72.2%)
Win32 Executable (generic) (11.7%)
Win16/32 Executable Delphi generic (5.4%)
Generic Win/DOS Executable (5.2%)
DOS Executable Generic (5.2%)
Tags
peexe

VirusTotal metadata
First submission 2013-11-15 15:49:30 UTC ( 5 years, 6 months ago )
Last submission 2015-06-12 11:38:32 UTC ( 3 years, 11 months ago )
File names ACAS11142013.exe
0ac74872cf5acd21a8424faa599d4f85
c-18b58-697-1384530604
fa877e587e5ae611d3a1f6c27cc2629efcaebad39084bc3a6fb1496b076c643d
442074293440-1116-084755-242.exe
007107308
0ac74872cf5acd21a8424faa599d4f85
2439215541-2-0_M1-1-442074293440-1116-084755-242.exe
0ac74872cf5acd21a8424faa599d4f85.exe