SHA256: 032d0b1a454a5965c381eac298f56709a0ddb6f07519a97ece9e0fece9e233e5
File name: HydraDM.exe
Detection ratio: 0 / 57
Analysis date: 2015-04-23 18:11:10 UTC ( 3 years ago )
Antivirus Result Update
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright: Copyright © AMD 2006-2010
Publisher: AMD
Product: AMD HydraVision Desktop Manager
Original name: HydraDM.exe
Internal name: HydraDM
File version: 4.0.66
Description: HydraDM
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-10-07 02:54:01
Entry Point 0x00030F5B
Number of sections 4
PE sections
PE imports
Number of PE resources by type
RT_BITMAP 11
RT_DIALOG 5
RT_ICON 5
RT_GROUP_ICON 5
RT_GROUP_CURSOR 2
RT_CURSOR 2
RT_MANIFEST 1
RT_MENU 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 33
PE resources
ExifTool file metadata
SubsystemVersion: 4.0
InitializedDataSize: 114688
ImageVersion: 0.0
ProductName: AMD HydraVision Desktop Manager
FileVersionNumber: 4.0.66.0
UninitializedDataSize: 0
LanguageCode: English (U.S.)
FileFlagsMask: 0x003f
CharacterSet: Unicode
LinkerVersion: 8.0
FileOS: Windows NT 32-bit
MIMEType: application/octet-stream
Subsystem: Windows GUI
FileVersion: 4.0.66
TimeStamp: 2011:10:07 03:54:01+01:00
FileType: Win32 EXE
PEType: PE32
InternalName: HydraDM
ProductVersion: 4.0.66
FileDescription: HydraDM
OSVersion: 4.0
OriginalFilename: HydraDM.exe
LegalCopyright: Copyright AMD 2006-2010
MachineType: Intel 386 or later, and compatibles
CompanyName: AMD
CodeSize: 274432
FileSubtype: 0
ProductVersionNumber: 4.0.66.0
EntryPoint: 0x30f5b
ObjectFileType: Executable application
Compressed bundles
File identification
MD5 39c15f4e7e10fd753508ca396a12f5b1
SHA1 d970938f408a8dd4894779bf2b82ca0ff7389ab6
SHA256 032d0b1a454a5965c381eac298f56709a0ddb6f07519a97ece9e0fece9e233e5
ssdeep 6144:rggCM08hLhOYEqVabnCW9UDrJ0cmK0s08ER3IGqCMj0000E:rOFSW7CdDrWx60BR3IG0Q
authentihash f78b9f98950d88b5d9713775e6ae584e0dead93b3e7fdd22e325ead5a5a87a42
imphash 59d5a487eb97968e987e5659474599fa
File size 384.0 KB ( 393216 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.1%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe

VirusTotal metadata
First submission 2011-10-08 11:02:26 UTC ( 6 years, 6 months ago )
Last submission 2015-04-23 18:11:10 UTC ( 3 years ago )
File names HydraDM, vt-upload-e9caND, HydraDM.exe, hydradm.exe, E83FC7DA00E2B33F0067062D4C6CF9006FBC8799.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Hooking activity
Runtime DLLs
Additional details
The file installs an application-defined hook procedure into a hook chain. A hook procedure is installed to monitor the system for certain types of events; these events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done using the SetWindowsHook Windows API function.