SHA256: 080f4790a48eacf445a696f1e7b263525fc120d2de9377102f5e9249530d1991
File name: HydraBot ~Gale Edition~ v107 x64.exe
Detection ratio: 0 / 45
Analysis date: 2012-12-26 13:03:49 UTC ( 4 years, 11 months ago )
Antivirus Result Update
Yandex 20121226
AhnLab-V3 20121225
AntiVir 20121226
Antiy-AVL 20121226
Avast 20121226
AVG 20121226
BitDefender 20121226
ByteHero 20121226
CAT-QuickHeal 20121226
ClamAV 20121226
Commtouch 20121226
Comodo 20121226
Emsisoft 20121226
eSafe 20121226
ESET-NOD32 20121226
F-Prot 20121226
F-Secure 20121226
Fortinet 20121226
GData 20121226
Ikarus 20121226
Jiangmin 20121221
K7AntiVirus 20121224
Kaspersky 20121226
Kingsoft 20121225
Malwarebytes 20121226
McAfee 20121226
McAfee-GW-Edition 20121226
Microsoft 20121226
eScan 20121226
NANO-Antivirus 20121226
Norman 20121226
nProtect 20121226
Panda 20121225
PCTools 20121226
Rising 20121224
Sophos AV 20121226
SUPERAntiSpyware 20121226
Symantec 20121226
TheHacker 20121226
TotalDefense 20121226
TrendMicro 20121226
TrendMicro-HouseCall 20121226
VBA32 20121226
VIPRE 20121226
ViRobot 20121226
The file being studied is a Portable Executable file! More specifically, it is an unknown file for the Windows GUI subsystem.
PE header basic information
Target machine x64
Compilation timestamp 2012-01-29 21:32:45
Entry Point 0x0001A53C
Number of sections 7
PE sections
PE imports
RegCreateKeyExW
RegCloseKey
CopySid
GetAce
AdjustTokenPrivileges
InitializeAcl
LookupPrivilegeValueW
RegDeleteKeyW
UnlockServiceDatabase
RegQueryValueExW
SetSecurityDescriptorDacl
CloseServiceHandle
GetAclInformation
OpenProcessToken
RegConnectRegistryW
RegOpenKeyExW
InitiateSystemShutdownExW
GetTokenInformation
DuplicateTokenEx
GetUserNameW
GetSecurityDescriptorDacl
RegDeleteValueW
LockServiceDatabase
RegEnumKeyExW
OpenThreadToken
GetLengthSid
CreateProcessAsUserW
RegEnumValueW
LogonUserW
RegSetValueExW
OpenSCManagerW
InitializeSecurityDescriptor
CreateProcessWithLogonW
AddAce
ImageList_BeginDrag
ImageList_Destroy
ImageList_Create
ImageList_Remove
ImageList_DragEnter
ImageList_DragMove
ImageList_DragLeave
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_SetDragCursorImage
ImageList_EndDrag
GetSaveFileNameW
GetOpenFileNameW
CreatePen
LineTo
EndPath
GetPixel
Rectangle
GetDeviceCaps
RoundRect
DeleteDC
SetBkMode
CreateFontW
SetPixel
CreateDCW
GetObjectW
AngleArc
SetTextColor
PolyDraw
GetTextFaceW
GetTextExtentPoint32W
MoveToEx
GetStockObject
SetViewportOrgEx
StrokePath
GetDIBits
CreateCompatibleDC
StrokeAndFillPath
StretchBlt
CloseFigure
SelectObject
CreateCompatibleBitmap
CreateSolidBrush
ExtCreatePen
SetBkColor
BeginPath
DeleteObject
Ellipse
GetStdHandle
GetDriveTypeW
FileTimeToSystemTime
WaitForSingleObject
GetPrivateProfileSectionNamesW
FlsGetValue
GetFileAttributesW
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
UnhandledExceptionFilter
RtlUnwindEx
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
WideCharToMultiByte
GetDiskFreeSpaceW
FlsAlloc
WriteFile
GetSystemTimeAsFileTime
GlobalMemoryStatusEx
HeapReAlloc
GetStringTypeW
GetExitCodeProcess
FormatMessageW
ResumeThread
GetTimeZoneInformation
LoadResource
FindClose
MoveFileW
SetFileAttributesW
EncodePointer
GetCurrentThread
GetEnvironmentVariableW
SetLastError
DeviceIoControl
CopyFileW
WriteProcessMemory
OutputDebugStringW
RemoveDirectoryW
Beep
IsDebuggerPresent
HeapAlloc
FlsSetValue
LoadLibraryA
RaiseException
HeapSetInformation
WritePrivateProfileSectionW
RtlVirtualUnwind
GetVolumeInformationW
LoadLibraryExW
MultiByteToWideChar
SetFilePointerEx
GetPrivateProfileStringW
GetFullPathNameW
CreateThread
SetEnvironmentVariableW
GetSystemDirectoryW
CreatePipe
SetUnhandledExceptionFilter
MulDiv
ExitThread
DecodePointer
SetEnvironmentVariableA
SetPriorityClass
TerminateProcess
GetVersion
SetCurrentDirectoryW
GlobalAlloc
LocalFileTimeToFileTime
GetDiskFreeSpaceExW
SetEndOfFile
GetCurrentThreadId
WriteConsoleW
CreateToolhelp32Snapshot
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
LoadLibraryW
GetVersionExW
SetEvent
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
lstrcmpiW
FreeLibrary
GetProcessIoCounters
RtlPcToFileHeader
GetWindowsDirectoryW
GetFileSize
OpenProcess
GetDateFormatW
GetStartupInfoW
ReadProcessMemory
CreateDirectoryW
DeleteFileW
GlobalLock
GetProcessHeap
GetTempFileNameW
GetComputerNameW
EnumResourceNamesW
CompareStringW
lstrcpyW
GetModuleFileNameW
FindNextFileW
RtlLookupFunctionEntry
CreateHardLinkW
FindFirstFileW
DuplicateHandle
GetProcAddress
SetVolumeLabelW
GetPrivateProfileSectionW
CreateEventW
CreateFileW
GetFileType
ExitProcess
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
LCMapStringW
GetShortPathNameW
VirtualAllocEx
GetSystemInfo
GlobalFree
GetConsoleCP
FindResourceW
GetTimeFormatW
GetEnvironmentStringsW
GlobalUnlock
lstrlenW
Process32NextW
CreateProcessW
FileTimeToLocalFileTime
SizeofResource
GetCurrentDirectoryW
VirtualFreeEx
GetCurrentProcessId
LockResource
SetFileTime
GetCommandLineW
GetCPInfo
HeapSize
SetSystemPowerState
FlsFree
Process32FirstW
WritePrivateProfileStringW
QueryPerformanceFrequency
SetFilePointer
ReadFile
RtlCaptureContext
CloseHandle
GetACP
GetModuleHandleW
IsValidCodePage
HeapCreate
GetTempPathW
VirtualFree
Sleep
VirtualAlloc
GetOEMCP
WNetGetConnectionW
WNetCancelConnection2W
WNetUseConnectionW
WNetAddConnection2W
Ord(146)
Ord(7)
Ord(418)
Ord(24)
Ord(11)
Ord(39)
Ord(31)
Ord(35)
Ord(411)
Ord(77)
Ord(220)
Ord(6)
Ord(2)
Ord(37)
Ord(12)
Ord(10)
Ord(23)
Ord(8)
Ord(164)
Ord(38)
Ord(185)
Ord(32)
Ord(9)
Ord(41)
GetProcessMemoryInfo
EnumProcesses
EnumProcessModules
GetModuleBaseNameW
SHGetFolderPathW
SHEmptyRecycleBinW
SHBrowseForFolderW
DragQueryFileW
SHFileOperationW
ShellExecuteW
SHGetPathFromIDListW
DragQueryPoint
ExtractIconExW
ShellExecuteExW
SHGetDesktopFolder
Shell_NotifyIconW
SHGetMalloc
DragFinish
RedrawWindow
GetForegroundWindow
UnregisterHotKey
DrawTextW
SetWindowLongPtrW
SetUserObjectSecurity
DestroyMenu
PostQuitMessage
SetWindowPos
IsWindow
EndPaint
OpenWindowStationW
WindowFromPoint
CharUpperBuffW
VkKeyScanW
SetMenuItemInfoW
SetActiveWindow
DispatchMessageW
GetCursorPos
CharLowerBuffW
GetDlgCtrlID
GetMenu
GetClientRect
GetMenuItemInfoW
SetMenuDefaultItem
IsClipboardFormatAvailable
LoadImageW
CountClipboardFormats
GetKeyboardLayoutNameW
ClientToScreen
GetActiveWindow
RegisterHotKey
OpenClipboard
GetWindowTextW
LockWindowUpdate
GetWindowTextLengthW
CopyImage
PtInRect
GetParent
GetCursorInfo
AttachThreadInput
EnumWindows
GetMessageW
ShowWindow
GetCaretPos
DrawFrameControl
GetDesktopWindow
IsCharAlphaW
PeekMessageW
InsertMenuItemW
TranslateMessage
IsWindowEnabled
SetClipboardData
DestroyWindow
OpenDesktopW
IsZoomed
LoadStringW
DrawMenuBar
IsCharLowerW
IsIconic
TrackPopupMenuEx
DrawFocusRect
CreateMenu
IsDialogMessageW
FlashWindow
EnumThreadWindows
MonitorFromPoint
CopyRect
GetSysColorBrush
CreateWindowExW
GetWindowLongW
CharNextW
SetFocus
RegisterWindowMessageW
GetMonitorInfoW
CreateAcceleratorTableW
EmptyClipboard
BeginPaint
DefWindowProcW
keybd_event
KillTimer
MapVirtualKeyW
CheckMenuRadioItem
GetClipboardData
GetSystemMetrics
SetWindowLongW
GetWindowRect
InflateRect
SetCapture
ReleaseCapture
EnumChildWindows
SetProcessWindowStation
SendDlgItemMessageW
SetKeyboardState
InvalidateRect
CreatePopupMenu
GetSubMenu
SetWindowTextW
SetTimer
GetDlgItem
SystemParametersInfoW
SendInput
ScreenToClient
PostMessageW
CloseWindowStation
GetKeyboardState
GetMenuItemCount
GetClassLongPtrW
IsDlgButtonChecked
DestroyAcceleratorTable
CreateIconFromResourceEx
LoadCursorW
LoadIconW
FindWindowExW
GetMenuItemID
FillRect
SetForegroundWindow
GetProcessWindowStation
ExitWindowsEx
GetMenuStringW
GetAsyncKeyState
EnableWindow
ReleaseDC
SetLayeredWindowAttributes
EndDialog
FindWindowW
MessageBeep
GetWindowThreadProcessId
MessageBoxW
SendMessageW
RegisterClassExW
SetMenu
MoveWindow
DialogBoxParamW
MessageBoxA
IsMenu
GetWindowDC
AdjustWindowRectEx
mouse_event
SendMessageTimeoutW
GetSysColor
GetKeyState
DestroyIcon
IsWindowVisible
GetWindowLongPtrW
IsCharAlphaNumericW
GetDC
FrameRect
SetRect
DeleteMenu
MonitorFromRect
GetUserObjectSecurity
GetClassNameW
BlockInput
CloseDesktop
IsCharUpperW
GetFocus
wsprintfW
CloseClipboard
TranslateAcceleratorW
DefDlgProcW
SetCursor
CreateEnvironmentBlock
LoadUserProfileW
UnloadUserProfile
DestroyEnvironmentBlock
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
HttpQueryInfoW
FtpOpenFileW
InternetQueryDataAvailable
InternetQueryOptionW
InternetConnectW
FtpGetFileSize
InternetReadFile
InternetCloseHandle
InternetCrackUrlW
InternetSetOptionW
HttpSendRequestW
InternetOpenUrlW
InternetOpenW
HttpOpenRequestW
waveOutSetVolume
timeGetTime
mciSendStringW
Ord(3)
Ord(1)
Ord(111)
Ord(115)
Ord(18)
Ord(11)
Ord(20)
Ord(17)
Ord(15)
Ord(52)
Ord(13)
Ord(151)
Ord(116)
Ord(4)
Ord(19)
Ord(2)
Ord(10)
Ord(57)
Ord(23)
Ord(21)
Ord(16)
Ord(9)
CreateStreamOnHGlobal
OleUninitialize
CoUninitialize
CoInitialize
CoTaskMemAlloc
ProgIDFromCLSID
OleSetContainedObject
CoCreateInstance
CoInitializeSecurity
CLSIDFromProgID
IIDFromString
CreateBindCtx
OleSetMenuDescriptor
CoCreateInstanceEx
CoTaskMemFree
MkParseDisplayName
CLSIDFromString
StringFromGUID2
CoSetProxyBlanket
OleInitialize
Number of PE resources by type
RT_STRING 7
RT_ICON 6
RT_GROUP_ICON 4
RT_DIALOG 1
RT_MANIFEST 1
RT_MENU 1
RT_VERSION 1
Number of PE resources by language
ENGLISH UK 19
ENGLISH US 2
ExifTool file metadata
SubsystemVersion 5.2
InitializedDataSize 211456
ImageVersion 0.0
FileVersionNumber 3.3.8.1
UninitializedDataSize 0
LanguageCode English (British)
FileFlagsMask 0x0017
CharacterSet Unicode
LinkerVersion 10.0
MIMEType application/octet-stream
FileVersion 3, 3, 8, 1
TimeStamp 2012:01:29 21:32:45+00:00
FileType Win64 EXE
PEType PE32+
OSVersion 5.2
FileOS Win32
Subsystem Windows GUI
CompiledScript AutoIt v3 Script: 3, 3, 8, 1
MachineType AMD AMD64
CodeSize 596992
FileSubtype 0
ProductVersionNumber 3.3.8.1
EntryPoint 0x1a53c
ObjectFileType Unknown

File identification
MD5 c7d272303067bca4582bf4c2a1e13a79
SHA1 7372ab4cf51eedd09dba7d434e2d3d5fff496cec
SHA256 080f4790a48eacf445a696f1e7b263525fc120d2de9377102f5e9249530d1991
ssdeep 24576:3AQoDefT6HesrQrSDZhyZ+aan+mMfqZaRf6tgZ86YmZZbf4Q+A1oYV9o8:3AcGHC2ZUZ+umWea4tg7zJ+A1HV9o8
File size 1.1 MB ( 1180250 bytes )
File type unknown
Magic literal MS-DOS executable PE for MS Windows (GUI) Mono/.Net assembly
TrID Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
VirusTotal metadata
First submission 2012-12-26 13:03:49 UTC ( 4 years, 11 months ago )
Last submission 2012-12-27 02:44:10 UTC ( 4 years, 11 months ago )
File names HydraBot ~Gale Edition~ v107 x64.exe
file-4943909_exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight