SHA256: 07ae22e9d2b5d523d1e7e6c7b53db3011de92b9440118d51edba09c5856f23c3
File name: a
Detection ratio: 8 / 43
Analysis date: 2012-03-07 21:44:42 UTC ( 7 years, 2 months ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.FakeAV 20120307
Avast Win32:FakeAlert-CCS [Trj] 20120307
Comodo TrojWare.Win32.FakeAV.CVM 20120307
DrWeb Trojan.Fakealert.29026 20120307
eTrust-Vet Win32/Winwebsec.E!generic 20120307
Fortinet W32/Kryptik.MUH!tr 20120305
GData Win32:FakeAlert-CCS 20120307
Sophos AV Mal/FakeAV-OYY 20120307
AntiVir 20120307
Antiy-AVL 20120305
AVG 20120307
BitDefender 20120307
ByteHero 20120305
CAT-QuickHeal 20120307
ClamAV 20120307
Commtouch 20120307
Emsisoft 20120307
eSafe 20120305
F-Prot 20120307
F-Secure 20120307
Ikarus 20120307
Jiangmin 20120301
K7AntiVirus 20120306
Kaspersky 20120307
McAfee 20120307
McAfee-GW-Edition 20120307
Microsoft 20120307
NOD32 20120307
Norman 20120304
nProtect 20120307
Panda 20120307
PCTools 20120228
Prevx 20120307
Rising 20120307
SUPERAntiSpyware 20120307
Symantec 20120305
TheHacker 20120307
TrendMicro 20120306
TrendMicro-HouseCall 20120307
VBA32 20120307
VIPRE 20120307
ViRobot 20120307
VirusBuster 20120307
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-10-25 19:34:24
Entry Point 0x000BC340
Number of sections 4
PE sections
Overlays
MD5 a092200341964383127a1d609ce6bf24
File type data
Offset 21504
Size 339456
Entropy 7.99
PE imports
OpenMutexA
GetSystemTime
LocalFree
GetModuleHandleA
GetStdHandle
lstrlenA
LocalFlags
GetLastError
GetConsoleTitleW
VirtualProtectEx
CreateEventA
FindClose
LoadLibraryExW
IsBadReadPtr
FreeConsole
GlobalUnlock
GlobalLock
GetACP
CloseHandle
GetMessageA
CreateWindowExA
LoadCursorA
GetParent
GetSubMenu
EndDialog
GetDlgItemTextA
MessageBoxA
IsMenu
ClipCursor
DialogBoxParamA
IsIconic
GetKeyState
EnableTheming
DrawThemeText
GetCurrentThemeName
CloseThemeData
DrawThemeBackground
Number of PE resources by type
RT_ICON 2
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 3
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2011:10:25 20:34:24+01:00
FileType Win32 EXE
PEType PE32
CodeSize 2048
LinkerVersion 10.0
FileTypeExtension exe
InitializedDataSize 18432
SubsystemVersion 4.0
EntryPoint 0xbc340
OSVersion 4.0
ImageVersion 0.0
UninitializedDataSize 0

File identification
MD5 77ae5fbe154e6ab6749573e02ef79162
SHA1 325c8b167d70d199fe2fffd30746f6694ef27183
SHA256 07ae22e9d2b5d523d1e7e6c7b53db3011de92b9440118d51edba09c5856f23c3
ssdeep 6144:gmZ0zANEa8Li1bWlWjkoCtfwR+RwBT4M9NdX753uSUQ1sab3nPNPQ5jf:gs08N5qAWgko8wR54aN7mwsSlPO
authentihash 04a410259ed6bebfcfa4ff2e05db10fa75872b848754d76670dbdded8513d3a5
imphash f990541d87058f8808e8deb3d2ce48f5
File size 352.5 KB ( 360960 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags peexe overlay
VirusTotal metadata
First submission 2012-03-07 17:24:21 UTC ( 7 years, 2 months ago )
Last submission 2012-03-07 21:44:42 UTC ( 7 years, 2 months ago )
File names a
34
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Created mutexes
Opened mutexes
Searched windows
Opened service managers
Opened services
Runtime DLLs