SHA256: 00bb2d5603fc10e009a4589a117ec52af7ef8ef865f98f387947ce81b9ab1602
File name: Super_Mario_32.exe
Detection ratio: 1 / 52
Analysis date: 2014-05-10 21:52:19 UTC ( 4 years, 4 months ago )
Antivirus Result Update
TheHacker Trojan/Constructor.IDL.dj 20140510
Ad-Aware 20140510
AegisLab 20140510
Yandex 20140510
AhnLab-V3 20140510
AntiVir 20140510
Antiy-AVL 20140510
Avast 20140510
AVG 20140510
Baidu-International 20140510
BitDefender 20140510
Bkav 20140509
ByteHero 20140510
CAT-QuickHeal 20140510
ClamAV 20140510
CMC 20140506
Commtouch 20140510
Comodo 20140509
DrWeb 20140510
Emsisoft 20140510
ESET-NOD32 20140510
F-Prot 20140510
F-Secure 20140510
Fortinet 20140510
GData 20140510
Ikarus 20140510
Jiangmin 20140510
K7AntiVirus 20140509
K7GW 20140509
Kaspersky 20140510
Kingsoft 20140510
Malwarebytes 20140510
McAfee 20140510
McAfee-GW-Edition 20140510
Microsoft 20140510
eScan 20140510
NANO-Antivirus 20140510
Norman 20140510
nProtect 20140509
Panda 20140510
Qihoo-360 20140510
Rising 20140507
Sophos AV 20140510
SUPERAntiSpyware 20140510
Symantec 20140510
TotalDefense 20140510
TrendMicro 20140510
TrendMicro-HouseCall 20140510
VBA32 20140510
VIPRE 20140510
ViRobot 20140510
Zillya 20140510
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
File version 1.0.0.0
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x001841A4
Number of sections 8
PE sections
PE imports
Number of PE resources by type
RT_BITMAP 74
RT_STRING 31
RT_RCDATA 18
RT_GROUP_CURSOR 7
RT_CURSOR 7
RT_DIALOG 2
RT_MANIFEST 1
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 136
GERMAN 3
ENGLISH US 2
RUSSIAN 1
DUTCH 1
PE resources
ExifTool file metadata
UninitializedDataSize 0
InitializedDataSize 380416
ImageVersion 0.0
FileVersionNumber 1.0.0.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Windows, Latin1
LinkerVersion 2.25
MIMEType application/octet-stream
FileVersion 1.0.0.0
TimeStamp 1992:06:19 23:22:17+01:00
FileType Win32 EXE
PEType PE32
FileAccessDate 2014:05:10 22:51:18+01:00
ProductVersion 1.0.0.0
SubsystemVersion 4.0
OSVersion 4.0
FileCreateDate 2014:05:10 22:51:18+01:00
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 1586176
FileSubtype 0
ProductVersionNumber 1.0.0.0
EntryPoint 0x1841a4
ObjectFileType Executable application
File identification
MD5 5fb9e46311794745167af93ebeb36b79
SHA1 abf5eda9ccbf0dbcaa7a25ee34480420c59b5c01
SHA256 00bb2d5603fc10e009a4589a117ec52af7ef8ef865f98f387947ce81b9ab1602
ssdeep 49152:Katm9S3qP3mF/p/Cxw8vE0SmX1vYPN0/pHpLtf:K703U3BW8M0SmX1vYP2/pHpxf
imphash 5b4c4f9662fb77f83da9bc7c7da021bd
File size 2.7 MB ( 2859507 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable Borland Delphi 7 (54.2%)
Win32 Executable Borland Delphi 5 (36.8%)
InstallShield setup (3.5%)
Win32 EXE PECompact compressed (generic) (3.3%)
Win32 Executable Delphi generic (1.1%)
Tags peexe
VirusTotal metadata
First submission 2014-05-10 21:52:19 UTC ( 4 years, 4 months ago )
Last submission 2014-05-10 21:52:19 UTC ( 4 years, 4 months ago )
File names Super_Mario_32.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created mutexes
Opened service managers
Opened services
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.