SHA256: 0660bfce9ceb71d0434f492f637a000bf86b29dcf50b69a0fe2eb35962d7df4f
File name: 0f2fbac527e2e0e235d073126d2e633c39655a13
Detection ratio: 33 / 56
Analysis date: 2014-11-28 07:36:01 UTC ( 3 years, 6 months ago )
Antivirus Result Update
Ad-Aware Gen:Heur.Krypt.12 20141128
AhnLab-V3 PUP/Win32.LoadMoney 20141127
ALYac Gen:Heur.Krypt.12 20141128
Avast Win32:LoadMoney-JU [PUP] 20141128
AVG Win32/Cryptor 20141128
Avira (no cloud) APPL/Downloader.Gen7 20141128
BitDefender Gen:Heur.Krypt.12 20141128
Bkav HW32.Packed.4530 20141127
ClamAV Win.Trojan.Agent-812088 20141128
Comodo Application.Win32.LoadMoney.XST 20141128
DrWeb Trojan.LoadMoney.364 20141128
Emsisoft Gen:Heur.Krypt.12 (B) 20141128
ESET-NOD32 a variant of Win32/Adware.LoadMoney.ZV 20141128
F-Prot W32/LoadMoney.AI.gen!Eldorado 20141128
F-Secure Gen:Heur.Krypt.12 20141128
Fortinet W32/Kryptik.CPAR!tr 20141128
GData Gen:Heur.Krypt.12 20141128
Ikarus Trojan.Win32.Crypt 20141128
K7AntiVirus Unwanted-Program ( 0040f98d1 ) 20141127
K7GW Unwanted-Program ( 0040f98d1 ) 20141128
Kaspersky not-a-virus:HEUR:Downloader.Win32.Plocust.heur 20141128
Malwarebytes PUP.Optional.LoadMoney 20141128
McAfee Packed-CQ 20141128
McAfee-GW-Edition BehavesLike.Win32.Packed.gh 20141128
Microsoft TrojanDownloader:Win32/Ogimant.gen!C 20141128
eScan Gen:Heur.Krypt.12 20141128
NANO-Antivirus Trojan.Win32.LoadMoney.dijjvz 20141128
Norman Kryptik.CDIC 20141128
Panda Trj/Genetic.gen 20141127
Rising PE:Malware.XPACK-HIE/Heur!1.9C48 20141126
Sophos AV Troj/LdMon-J 20141128
TotalDefense Win32/Ogiman.eXSIbKD 20141127
VBA32 Malware-Cryptor.Limpopo 20141127
AegisLab 20141128
Yandex 20141126
Antiy-AVL 20141128
AVware 20141121
Baidu-International 20141127
ByteHero 20141128
CAT-QuickHeal 20141127
CMC 20141127
Cyren 20141128
Jiangmin 20141127
Kingsoft 20141128
nProtect 20141127
Qihoo-360 20141128
SUPERAntiSpyware 20141127
Symantec 20141128
Tencent 20141128
TheHacker 20141124
TrendMicro 20141127
TrendMicro-HouseCall 20141128
VIPRE 20141128
ViRobot 20141127
Zillya 20141127
Zoner 20141127
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright 998 Ma8-20no0rk Ruichssiv
Publisher Slsysernaint
Product ternals Desin wbugvieSy
Original name fdjuu5we.exe
Internal name rnaStels Deut Viebug sinOuertpw
File version 4.76
Description AllowMultipleInstances
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x000014C8
Number of sections 6
PE sections
PE imports
BuildTrusteeWithObjectsAndSidA
FreeEncryptedFileKeyInfo
TrusteeAccessToObjectA
SaferRecordEventLogEntry
DecryptFileW
LsaOpenPolicy
LookupPrivilegeDisplayNameW
LsaQueryInfoTrustedDomain
ImpersonateAnonymousToken
ConvertStringSidToSidA
PrivilegedServiceAuditAlarmW
WmiNotificationRegistrationA
LsaLookupNames
QueryAllTracesW
CryptAcquireContextA
GetPrivateObjectSecurity
LsaAddAccountRights
LsaLookupPrivilegeName
BuildTrusteeWithNameA
CredWriteW
RegEnumKeyExA
EnumServicesStatusExA
LsaEnumerateAccountRights
EnumDependentServicesW
LsaSetInformationTrustedDomain
SetEntriesInAclA
WmiQueryAllDataMultipleA
CreateToolbarEx
ImageList_Duplicate
DrawStatusTextW
ImageList_BeginDrag
CreateUpDownControl
FlatSB_SetScrollInfo
FlatSB_GetScrollRange
FlatSB_GetScrollPos
ImageList_Remove
PropertySheetA
PropertySheetW
GetEffectiveClientRect
ImageList_SetIconSize
CreatePropertySheetPageA
ImageList_Copy
ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_EndDrag
GetWindowOrgEx
CreateICW
GdiReleaseLocalDC
InvertRgn
EnumMetaFile
GetTextExtentExPointW
StartPage
EngGetCurrentCodePage
GetFontLanguageInfo
GdiComment
GetTransform
GdiGetPageCount
GetArcDirection
ScaleWindowExtEx
GdiResetDCEMF
EngEraseSurface
RoundRect
GetCharWidthFloatA
RemoveFontResourceA
GdiGetCodePage
UpdateICMRegKeyA
GetCharABCWidthsFloatA
SetFontEnumeration
GetKerningPairs
SetRectRgn
CreatePenIndirect
GetDriveTypeW
GetDriveTypeA
GetPrivateProfileSectionNamesW
SetDefaultCommConfigW
OpenFileMappingW
LZCreateFileW
SetFileShortNameA
FreeEnvironmentStringsW
HeapWalk
SetStdHandle
FindNextVolumeMountPointA
GetConsoleSelectionInfo
IsWow64Process
GetLogicalDriveStringsA
GetExpandedNameW
LocalSize
SetLocaleInfoA
AllocConsole
BeginUpdateResourceW
SetFileAttributesW
VerLanguageNameA
GetWriteWatch
GetNamedPipeInfo
UpdateResourceW
TryEnterCriticalSection
GetLargestConsoleWindowSize
CopyFileA
CreateMailslotA
RemoveDirectoryA
FlushViewOfFile
UpdateResourceA
SetProcessWorkingSetSize
OpenWaitableTimerA
Heap32First
CancelDeviceWakeupRequest
OpenWaitableTimerW
FatalAppExitA
SetFilePointerEx
SetProcessAffinityMask
FlushInstructionCache
LockFileEx
EraseTape
RtlCaptureStackBackTrace
GetExitCodeThread
CreateSemaphoreA
GetVolumeNameForVolumeMountPointW
SetLastConsoleEventActive
EnumSystemLanguageGroupsW
ClearCommError
SetHandleInformation
GetDiskFreeSpaceExA
GetCommState
GetNumberFormatW
lstrcmp
CreateJobSet
SetFileApisToANSI
LZOpenFileW
GetVersionExA
GetDateFormatA
SetVolumeMountPointA
BackupWrite
GetNumberOfConsoleFonts
lstrcpyW
QueryInformationJobObject
GlobalMemoryStatus
FindFirstVolumeMountPointW
FindFirstFileExW
EnumDateFormatsExW
GetTimeZoneInformation
CreateProcessInternalA
WriteProfileSectionW
GetFileType
TlsSetValue
ReadConsoleOutputAttribute
InterlockedIncrement
LocalReAlloc
DosDateTimeToFileTime
GlobalDeleteAtom
GetShortPathNameW
QueryPerformanceFrequency
BuildCommDCBAndTimeoutsA
LockResource
GetConsoleInputExeNameA
GetComPlusPackageInstallStatus
GetCompressedFileSizeA
EnumSystemCodePagesW
SuspendThread
RaiseException
SetUserGeoID
GetGeoInfoA
WriteFileEx
PeekConsoleInputA
GetModuleHandleW
GlobalCompact
OpenSemaphoreA
TransactNamedPipe
LZClose
CoSuspendClassObjects
OleGetAutoConvert
FmtIdToPropStgName
CoPopServiceDomain
CoCreateGuid
OleCreateStaticFromData
PropSysAllocString
PropSysFreeString
CoFreeUnusedLibrariesEx
HBRUSH_UserFree
CoIsOle1Class
StgCreateStorageEx
HBITMAP_UserFree
CoQueryProxyBlanket
StgOpenPropStg
CoInvalidateRemoteMachineBindings
OleQueryLinkFromData
CoFreeUnusedLibraries
GetHGlobalFromStream
CreateObjrefMoniker
CoGetMalloc
CoReleaseMarshalData
OleSetClipboard
CoBuildVersion
CoDisableCallCancellation
VarDecFromUI4
VarUI8FromBool
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayPtrOfIndex
VarI2FromDate
VarXor
VarI8FromUI4
VarDecFix
VectorFromBstr
OleSavePictureFile
VarUI8FromUI4
SafeArrayGetUBound
VarDecNeg
SetErrorInfo
VarCyFromI1
LPSAFEARRAY_Unmarshal
VarI8FromDisp
VarCyInt
SafeArrayGetIID
SetVarConversionLocaleSetting
StrStrA
ShellAboutA
Options_RunDLLA
SHFormatDrive
SHUpdateRecycleBinIcon
AppCompat_RunDLLW
FreeIconList
DoEnvironmentSubstA
ShellExec_RunDLLW
SheSetCurDrive
SHParseDisplayName
ExtractIconA
DragQueryFileA
SHFileOperationA
ShowStartGlass
EnableScrollBar
MessageBoxTimeoutA
GetWindowContextHelpId
GrayStringW
DispatchMessageA
ScrollWindowEx
WindowFromPoint
SetCaretBlinkTime
GetAsyncKeyState
GetClipCursor
DefFrameProcW
UnregisterClassA
GetDlgItemTextW
SetLastErrorEx
LoadMenuIndirectA
AlignRects
GetActiveWindow
ShowCursor
EnumDesktopsW
CopyAcceleratorTableW
LoadAcceleratorsW
EnumPropsExA
DefDlgProcW
DestroyWindow
GetCursorInfo
BroadcastSystemMessageW
GetWindowModuleFileNameA
FlashWindowEx
GetNextDlgGroupItem
CharToOemBuffA
PeekMessageW
GetTabbedTextExtentA
InsertMenuItemW
CharUpperW
PeekMessageA
CharToOemBuffW
IsCharAlphaA
TranslateMessage
GetWindow
GetMenuDefaultItem
InsertMenuItemA
CharNextExA
IsCharLowerA
LoadStringW
CloseWindow
IsHungAppWindow
OpenDesktopA
TabbedTextOutA
DrawFocusRect
DlgDirListA
FillRect
DlgDirListW
OemToCharW
RealChildWindowFromPoint
GetGUIThreadInfo
DragDetect
IsDialogMessageA
GetKeyboardLayoutNameA
OffsetRect
DefWindowProcW
GetScrollPos
KillTimer
GetClipboardOwner
RegisterWindowMessageA
SetMenuContextHelpId
SendDlgItemMessageA
SetScrollRange
UpdateWindow
SetCapture
RegisterDeviceNotificationW
EnumDisplaySettingsExW
CreateDialogParamW
GetWindowLongA
GetTitleBarInfo
GetInputDesktop
GetRawInputDeviceInfoA
UnloadKeyboardLayout
GetKeyboardState
PostThreadMessageW
GetMenuStringA
GetMenuItemInfoW
CreateDialogIndirectParamW
GetScrollRange
EndDialog
CreateIcon
EndTask
PrivateExtractIconsA
RemoveMenu
GetLastInputInfo
SetWindowsHookA
SetMenu
SendMessageCallbackA
SetRectEmpty
DialogBoxParamW
CascadeWindows
DialogBoxParamA
LoadKeyboardLayoutA
SendMessageCallbackW
SetClassWord
WinHelpW
GetWindowModuleFileNameW
IsCharAlphaNumericW
FrameRect
GetClassNameW
DragObject
DefDlgProcA
ModifyMenuW
CloseDesktop
EnableWindow
GetAncestor
SetPortA
GetPrinterDataExW
DevQueryPrint
DeletePrinterDataW
AddJobA
GetPrintProcessorDirectoryA
FreePrinterNotifyInfo
QueryColorProfile
DeletePortA
AddMonitorW
FlushPrinter
DeletePrinterDataExW
DeletePrinterConnectionW
PlayGdiScriptOnPrinterIC
EnumPrinterDriversA
EXTDEVICEMODE
AddPrinterConnectionA
DEVICECAPABILITIES
AddPortA
accept
WSASetServiceA
WSAWaitForMultipleEvents
WSAResetEvent
WSAAsyncGetProtoByName
WSACancelAsyncRequest
WSCWriteNameSpaceOrder
gethostname
WSAAsyncGetHostByName
WSACloseEvent
inet_addr
send
WSASend
WSASetServiceW
WSAAsyncGetHostByAddr
WSAEnumProtocolsW
WSANtohl
WSCUnInstallNameSpace
WSAAsyncGetServByName
WSAStringToAddressA
WSACleanup
WSARemoveServiceClass
getnameinfo
WSACreateEvent
bind
WSCDeinstallProvider
WTSQueryUserConfigW
WTSVirtualChannelPurgeInput
WTSEnumerateSessionsA
WTSVirtualChannelWrite
WTSSetUserConfigW
WTSOpenServerA
WTSUnRegisterSessionNotification
WTSVirtualChannelRead
WTSEnumerateServersW
WTSEnumerateProcessesA
WTSQueryUserConfigA
CryptDestroyKey
RegRestoreKeyA
CredMarshalCredentialA
QueryServiceObjectSecurity
RegQueryValueExA
RegOverridePredefKey
GetLocalManagedApplicationData
ReportEventA
RegisterEventSourceW
CryptEnumProviderTypesW
GetAccessPermissionsForObjectW
RegOpenKeyW
SaferSetPolicyInformation
ChangeServiceConfig2A
SetServiceStatus
ImpersonateSelf
ElfDeregisterEventSource
LsaOpenSecret
AddAccessAllowedAceEx
GetSecurityDescriptorSacl
CryptVerifySignatureA
LsaEnumerateTrustedDomains
InitializeSid
LsaOpenTrustedDomain
WmiDevInstToInstanceNameA
LsaLookupSids
RegDeleteValueW
RevertToSelf
QueryServiceLockStatusA
RegisterServiceCtrlHandlerExA
BuildTrusteeWithSidA
ConvertAccessToSecurityDescriptorW
ElfOpenEventLogW
SaferIdentifyLevel
RegisterServiceCtrlHandlerExW
PrivilegeCheck
SetKernelObjectSecurity
SaferiSearchMatchingHashRules
ImageList_Write
PropertySheetA
CreateToolbarEx
InitCommonControls
GetEffectiveClientRect
ImageList_SetDragCursorImage
FlatSB_GetScrollInfo
ShowHideMenuCtl
CreateStatusWindow
FlatSB_SetScrollRange
MakeDragList
ImageList_GetImageRect
ImageList_DrawEx
ImageList_SetIconSize
ImageList_SetFlags
FlatSB_ShowScrollBar
ImageList_Read
MenuHelp
ImageList_AddMasked
ImageList_GetImageCount
DestroyPropertySheetPage
CreateToolbar
DrawStatusTextA
ImageList_GetIcon
FlatSB_SetScrollPos
ImageList_ReplaceIcon
ImageList_AddIcon
ImageList_Duplicate
InitCommonControlsEx
ImageList_LoadImageA
CreatePropertySheetPageW
FlatSB_GetScrollPos
ImageList_DragShowNolock
ImageList_Remove
CreateICA
CreateMetaFileA
GetCurrentPositionEx
GetBkMode
RemoveFontResourceTracking
ResizePalette
GdiGradientFill
GdiProcessSetup
PathToRegion
SelectFontLocal
GetBitmapBits
EngCreatePalette
Rectangle
GetBrushOrgEx
PaintRgn
GetEUDCTimeStamp
EngTextOut
GdiConvertRegion
GetEnhMetaFileDescriptionA
GdiStartPageEMF
RectInRegion
CreateSolidBrush
EngQueryEMFInfo
EngDeleteClip
GetOutlineTextMetricsA
EngDeleteSurface
SelectClipPath
DrawEscape
GetStockObject
GetAspectRatioFilterEx
StrokePath
CreateEllipticRgnIndirect
ExtSelectClipRgn
CreateCompatibleDC
EngPlgBlt
EngComputeGlyphSet
CreateRectRgn
SelectObject
SetPolyFillMode
GetWinMetaFileBits
SetFontEnumeration
SetWindowExtEx
GdiValidateHandle
PolyPolygon
Ellipse
GetVolumePathNameW
DeactivateActCtx
WaitForSingleObject
GetDriveTypeA
CreateJobObjectW
GetPrivateProfileSectionNamesW
GetFileAttributesExA
CreateTimerQueue
ScrollConsoleScreenBufferW
GetCommandLineW
LocalAlloc
MapViewOfFileEx
SetErrorMode
WaitCommEvent
GetTempPathA
FoldStringW
GetCPInfo
WritePrivateProfileStructA
GetTempPathW
HeapLock
GetThreadTimes
ReleaseActCtx
WritePrivateProfileStructW
EnumCalendarInfoExA
PulseEvent
FindActCtxSectionStringW
FreeLibrary
LocalFree
EnumLanguageGroupLocalesW
TransmitCommChar
GetThreadPriority
InitAtomTable
ReadConsoleInputExW
GetStringTypeExW
GetLogicalDriveStringsW
AllocConsole
HeapDestroy
QueryDosDeviceW
FindNextChangeNotification
EnumDateFormatsA
SignalObjectAndWait
GetEnvironmentVariableW
SetLastError
PeekNamedPipe
GetWriteWatch
ReplaceFile
HeapAlloc
GetModuleFileNameA
FoldStringA
EnumCalendarInfoA
WriteProfileStringA
InvalidateConsoleDIBits
SetFilePointerEx
SetProcessAffinityMask
FlushInstructionCache
SetCalendarInfoA
RtlCaptureStackBackTrace
MoveFileExW
GetSystemDirectoryW
GlobalAddAtomA
WaitForSingleObjectEx
SetHandleInformation
GetThreadSelectorEntry
ConvertThreadToFiber
ReadConsoleOutputW
SetCurrentDirectoryW
VirtualQuery
PrivCopyFileExW
ReadConsoleW
GetVersion
GetModuleHandleExA
SleepEx
CallNamedPipeW
GetSystemTime
RequestDeviceWakeup
CreateMailslotW
lstrcmp
GetCommMask
MoveFileWithProgressA
LoadLibraryA
RtlUnwind
WriteConsoleInputW
GetFileSize
AddAtomA
WaitForMultipleObjects
CreateDirectoryA
GetDateFormatW
SetCommMask
LoadModule
BackupWrite
FindVolumeMountPointClose
GlobalLock
GetConsoleAliasesA
GetNumberOfConsoleFonts
AssignProcessToJobObject
EnumDateFormatsExA
LZCopy
EnumResourceNamesA
CreateHardLinkW
CreateTimerQueueTimer
FindFirstFileW
IsValidLocale
FindFirstFileExW
ExpandEnvironmentStringsA
GlobalAlloc
ReadDirectoryChangesW
CreateFileA
LocalUnlock
FindFirstVolumeW
GetNativeSystemInfo
FlushConsoleInputBuffer
GlobalDeleteAtom
FindFirstChangeNotificationA
GetConsoleCP
GlobalGetAtomNameA
MoveFileA
GetUserGeoID
HeapCompact
LockFile
FileTimeToLocalFileTime
SizeofResource
BuildCommDCBAndTimeoutsA
GetCurrentProcessId
LockResource
GetConsoleTitleW
GetCompressedFileSizeW
GetCurrentDirectoryA
GetCPInfoExA
GetCommandLineA
GetGeoInfoA
PeekConsoleInputW
CancelWaitableTimer
RtlCaptureContext
lstrcpynA
CreateConsoleScreenBuffer
GetModuleHandleW
CreateProcessA
OpenSemaphoreA
VirtualFree
ReadFileEx
IsBadCodePtr
FindResourceA
OleLockRunning
CoUninitialize
OleCreateLinkEx
ReadStringStream
CoMarshalInterThreadInterfaceInStream
FmtIdToPropStgName
CLSIDFromProgIDEx
StgCreateDocfile
OleCreateLink
OleCreateStaticFromData
CLSIDFromOle1Class
HWND_UserUnmarshal
GetDocumentBitStg
CoRegisterChannelHook
HENHMETAFILE_UserFree
CoDeactivateObject
ProgIDFromCLSID
FreePropVariantArray
PropSysAllocString
StgOpenStorage
CoGetStandardMarshal
HWND_UserFree
CoTestCancel
OleQueryLinkFromData
UtGetDvtd16Info
WriteClassStg
CoReleaseServerProcess
VarMul
VarI8FromI1
VarFormat
VarI8FromR8
VarCyFromI1
VarCyFromUI8
VarUI4FromUI2
VarCyRound
VarI4FromI8
VarCyFromUI1
VarBstrFromUI8
SafeArrayDestroyDescriptor
VarCyCmpR8
GetActiveObject
SafeArrayUnlock
VarDecCmpR8
VarI1FromI8
VarAnd
VarUI2FromI8
VarI8FromUI8
VarCyAdd
VarI8FromUI2
VarDecFix
VarMod
VarR4FromUI2
VarUI4FromCy
DllGetClassObject
VarR4FromBool
VarI2FromUI4
SafeArrayGetDim
VarDecFromI4
DragQueryFileW
StrCmpNIW
ShellExec_RunDLL
SHChangeNotify
RealShellExecuteW
SHQueryRecycleBinA
Shell_NotifyIcon
ExtractIconW
DragQueryFileA
RealShellExecuteA
SHFormatDrive
SHCreateQueryCancelAutoPlayMoniker
SHCreateDirectoryExW
ShellExec_RunDLLW
SHGetDesktopFolder
WOWShellExecute
SHEmptyRecycleBinA
Control_RunDLLW
StrStrIA
SHCreateLocalServerRunDll
SHGetDiskFreeSpaceExA
ExtractAssociatedIconW
SHFreeNameMappings
SHGetSpecialFolderPathA
Control_RunDLLA
SHAddToRecentDocs
SHGetDiskFreeSpaceExW
DllRegisterServer
StrRStrW
RealShellExecuteExW
FindExecutableA
AppCompat_RunDLLW
DllInstall
ExtractIconExW
SHGetSpecialFolderLocation
StrCmpNA
SHAppBarMessage
SHGetNewLinkInfoW
Control_RunDLL
SHEnumerateUnreadMailAccountsW
RedrawWindow
GetForegroundWindow
ShowStartGlass
CallMsgFilterW
CharPrevA
MessageBoxTimeoutW
BroadcastSystemMessageA
EnableScrollBar
DrawAnimatedRects
DestroyMenu
GetGuiResources
MessageBoxTimeoutA
EnumDesktopsA
DrawStateW
OemToCharBuffA
GrayStringW
SetDeskWallpaper
OpenIcon
SetMenuItemInfoA
SetDlgItemInt
OemToCharBuffW
CascadeWindows
CloseWindowStation
SetClassLongA
GetInputDesktop
CharUpperBuffW
SetProgmanWindow
GetDC
GetAsyncKeyState
MapDialogRect
GetMenuStringW
GetClipCursor
SendMessageW
DlgDirSelectExA
SendMessageA
SetThreadDesktop
GetClientRect
SetMenuDefaultItem
GetNextDlgTabItem
GetThreadDesktop
LoadMenuIndirectA
LoadImageW
SetMessageExtraInfo
BlockInput
DrawFrame
GetDlgItemInt
CascadeChildWindows
OpenClipboard
GetWindowTextW
EnumPropsExW
EnumClipboardFormats
GetMenuBarInfo
GetMenuItemInfoA
MapVirtualKeyExA
DestroyWindow
GetUserObjectInformationW
SystemParametersInfoA
GetPropW
CharNextExA
MapVirtualKeyExW
GetCaretPos
FlashWindowEx
GetListBoxInfo
IsCharAlphaW
CreateIconFromResource
CreateMDIWindowW
ShowWindowAsync
GetClassInfoW
GetClipboardFormatNameW
SetSystemMenu
ChildWindowFromPoint
IsCharAlphaA
IsWindowEnabled
GetMenuDefaultItem
ActivateKeyboardLayout
CreateCursor
EditWndProc
LoadStringA
GetMenuItemRect
GetRawInputDeviceInfoA
CharLowerA
LoadStringW
WindowFromDC
IsHungAppWindow
RegisterClassA
GetMenuItemCount
EnumPropsA
SetTimer
LoadKeyboardLayoutEx
GetKeyboardLayout
CopyRect
ExitWindowsEx
DlgDirListW
RealChildWindowFromPoint
GetWindowLongW
CharNextW
IsChild
DrawMenuBarTemp
MapWindowPoints
SendNotifyMessageA
GetMonitorInfoW
MapVirtualKeyA
PeekMessageA
SwitchDesktop
GetMonitorInfoA
MapVirtualKeyW
ClipCursor
CheckMenuRadioItem
ToAsciiEx
RegisterWindowMessageW
ArrangeIconicWindows
ToUnicodeEx
RegisterDeviceNotificationA
WindowFromPoint
InflateRect
InvertRect
SetCapture
DrawTextExW
GetMessageExtraInfo
RegisterDeviceNotificationW
EnumDisplaySettingsExW
SetKeyboardState
CheckDlgButton
GetTabbedTextExtentW
WaitMessage
DrawIconEx
LockWorkStation
SetWindowTextW
GetDCEx
CreateDialogParamA
BringWindowToTop
SetClipboardViewer
PostMessageW
GetClassLongA
IsCharUpperA
FindWindowExA
TrackPopupMenu
GetMenuStringA
GetSysColorBrush
DestroyAcceleratorTable
SwapMouseButton
GetMenuState
IsDialogMessageW
GetSystemMenu
FindWindowExW
SetForegroundWindow
DrawCaptionTempW
DialogBoxIndirectParamA
GetMenuItemInfoW
GetCaretBlinkTime
CreateDialogIndirectParamW
CharLowerBuffW
GetScrollRange
GetWindowTextA
EndDialog
CharNextA
CreateDialogIndirectParamA
FindWindowA
LoadMenuW
DrawTextExA
RemoveMenu
wvsprintfW
MessageBoxExA
GetMenu
RegisterClassExW
SetMenu
SetDlgItemTextA
SetRectEmpty
SetUserObjectInformationA
LoadKeyboardLayoutW
MessageBoxA
AppendMenuW
GetWindowDC
GetFocus
SetScrollInfo
CopyImage
PrivateExtractIconExA
UpdateLayeredWindow
SetClassWord
PrintWindow
EnumDisplayMonitors
RealGetWindowClassW
OemKeyScan
IsWindowVisible
WinHelpW
GetDesktopWindow
GetClipboardData
GetWindowThreadProcessId
SetCursorPos
SystemParametersInfoW
WinHelpA
FrameRect
GetAltTabInfoW
CreateAcceleratorTableA
ChangeMenuA
DragObject
DefDlgProcA
ModifyMenuW
UnregisterDeviceNotification
GetCursor
SendMessageTimeoutW
ModifyMenuA
SetCursor
DeviceCapabilitiesW
ConnectToPrinterDlg
PlayGdiScriptOnPrinterIC
DocumentPropertiesW
SetPrinterA
StartDocDlgW
FreePrinterNotifyInfo
SetPrinterW
EnumPrintProcessorsW
DeviceCapabilitiesA
AddJobW
AddPrinterDriverA
EnumPortsA
DeletePrinter
GetPrinterDataExW
EnumPrinterDriversW
CommitSpoolData
GetDefaultPrinterA
DeletePrintProcessorW
DeletePrinterDriverA
DeletePrintProvidorA
PerfCollect
GetJobW
EnumPrinterDataExA
DeletePrinterKeyW
AddPrintProcessorW
GetFormW
EnumPrintProcessorDatatypesA
SetPrinterDataExA
DeletePrinterDriverExW
WaitForPrinterChange
EXTDEVICEMODE
AddPortExA
DeleteFormA
AddFormW
EnumPrintersW
SetPrinterDataA
DEVICECAPABILITIES
WSCUpdateProvider
WSAInstallServiceClassA
WSACreateEvent
WSCInstallNameSpace
freeaddrinfo
WSCInstallProvider
WSCEnableNSProvider
WSACancelAsyncRequest
gethostname
getsockopt
WSAHtons
WSASetServiceA
WSAAsyncGetProtoByName
WSASetServiceW
gethostbyaddr
WSANtohl
WSCUnInstallNameSpace
WSALookupServiceNextA
WSAEventSelect
getnameinfo
WSAAddressToStringW
recv
WSAStringToAddressW
inet_addr
socket
WSASendTo
WSALookupServiceBeginA
WSAEnumNetworkEvents
WSANSPIoctl
getprotobynumber
getservbyname
WTSVirtualChannelPurgeInput
WTSEnumerateSessionsA
WTSVirtualChannelClose
WTSVirtualChannelPurgeOutput
WTSUnRegisterSessionNotification
WTSEnumerateSessionsW
WTSShutdownSystem
WTSLogoffSession
WTSSetSessionInformationA
WTSCloseServer
WTSQueryUserConfigA
WTSFreeMemory
WTSRegisterSessionNotification
WTSSetSessionInformationW
WTSSetUserConfigW
WTSOpenServerW
WTSQueryUserConfigW
WTSQuerySessionInformationA
WTSQueryUserToken
WTSVirtualChannelWrite
WTSVirtualChannelRead
WTSEnumerateProcessesW
WTSQuerySessionInformationW
WTSEnumerateServersW
WTSEnumerateProcessesA
WTSVirtualChannelQuery
Number of PE resources by type
RT_ICON 3
RT_GROUP_ICON 1
RT_VERSION 1
RT_RCDATA 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 6
RUSSIAN 1
PE resources
ExifTool file metadata
SubsystemVersion 4.0
InitializedDataSize 61440
ImageVersion 0.0
ProductName ternals Desin wbugvieSy
FileVersionNumber 4.76.0.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 2.25
OriginalFilename fdjuu5we.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 4.76
TimeStamp 1992:06:19 23:22:17+01:00
FileType Win32 EXE
PEType PE32
InternalName rnaStels Deut Viebug sinOuertpw
FileAccessDate 2014:11:28 08:36:07+01:00
ProductVersion 4.76
FileDescription AllowMultipleInstances
OSVersion 4.0
FileCreateDate 2014:11:28 08:36:07+01:00
FileOS Windows NT 32-bit
LegalCopyright 998 Ma8-20no0rk Ruichssiv
MachineType Intel 386 or later, and compatibles
CompanyName Slsysernaint
CodeSize 425984
FileSubtype 0
ProductVersionNumber 4.76.0.0
EntryPoint 0x14c8
ObjectFileType Executable application

File identification
MD5 28f51c1416a9085aea5688aa26c697ea
SHA1 0f2fbac527e2e0e235d073126d2e633c39655a13
SHA256 0660bfce9ceb71d0434f492f637a000bf86b29dcf50b69a0fe2eb35962d7df4f
ssdeep 6144:vcR/S7Q6vIDmQJoqYvKhppX44d6wXg3TCZsfu+kHzrdq3Oi2bQfb+XHGXFVqz7gg:vcR/Cobpoa5g3TuiOT4ei9fb+XHGq
authentihash 5688ea407e3835529a92b03f633b9493515716955da7243355dd479dfcde85b7
imphash 419ce1a395ffbf324a4fd8df5b9cff2a
File size 477.0 KB ( 488448 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable Delphi generic (32.6%)
Windows Screen Saver (29.1%)
Win32 Dynamic Link Library (generic) (14.6%)
Win32 Executable (generic) (10.0%)
Win16/32 Executable Delphi generic (4.6%)
Tags peexe
VirusTotal metadata
First submission 2014-11-28 07:36:01 UTC ( 3 years, 6 months ago )
Last submission 2014-11-28 07:36:01 UTC ( 3 years, 6 months ago )
File names rnaStels Deut Viebug sinOuertpw
fdjuu5we.exe
0f2fbac527e2e0e235d073126d2e633c39655a13
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
HTTP requests
DNS requests
TCP connections