SHA256: 08a6f111c5bc099364369e56ad39688e5f088f8a7ea1107daa90ba566740591c
File name: SQLite VDK
Detection ratio: 47 / 57
Analysis date: 2016-04-11 10:01:31 UTC ( 2 years, 2 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Zusy.67716 20160411
AegisLab Troj.W32.Generic!c 20160411
AhnLab-V3 Trojan/Win32.Zbot 20160410
ALYac Gen:Variant.Zusy.67716 20160411
Antiy-AVL Trojan[Spy]/Win32.Zbot 20160411
Arcabit Trojan.Zusy.D10884 20160411
Avast Win32:Evo-gen [Susp] 20160411
AVG Luhe.Fiha.A 20160411
Avira (no cloud) TR/Crypt.XPACK.Gen8 20160411
AVware Trojan.Win32.Generic!SB.0 20160411
Baidu-International Trojan.Win32.Zbot.AAO 20160411
BitDefender Gen:Variant.Zusy.67716 20160411
ClamAV Win.Trojan.Zbot-60972 20160408
Comodo UnclassifiedMalware 20160411
Cyren W32/Trojan.DBGA-8303 20160411
DrWeb Trojan.PWS.Panda.2401 20160411
Emsisoft Gen:Variant.Zusy.67716 (B) 20160411
ESET-NOD32 Win32/Spy.Zbot.AAO 20160411
F-Secure Gen:Variant.Zusy.67716 20160411
Fortinet W32/Kryptik.XX!tr 20160404
GData Gen:Variant.Zusy.67716 20160411
Ikarus Trojan.Crypt2 20160411
Jiangmin TrojanSpy.Zbot.dtxr 20160411
K7AntiVirus Spyware ( 0029a43a1 ) 20160410
K7GW Spyware ( 0029a43a1 ) 20160404
Kaspersky HEUR:Trojan.Win32.Generic 20160411
Kingsoft Win32.Troj.Zbot.pq.(kcloud) 20160411
Malwarebytes Ransom.Agent.ED 20160411
McAfee PWS-Zbot.dx 20160411
McAfee-GW-Edition BehavesLike.Win32.ZBot.fc 20160411
Microsoft VirTool:Win32/Obfuscator.AAO 20160411
eScan Gen:Variant.Zusy.67716 20160411
NANO-Antivirus Trojan.Win32.Panda.dfiuzs 20160410
nProtect Trojan-Spy/W32.ZBot.307200.BQK 20160408
Panda Trj/Genetic.gen 20160410
Qihoo-360 Win32/Trojan.Spy.6ef 20160411
Rising PE:Malware.Generic/QRS!1.9E2D [F] 20160411
Sophos AV Mal/Generic-S 20160411
Symantec Trojan.Zbot 20160411
Tencent Win32.Trojan.Generic.Airw 20160411
TrendMicro TROJ_SPNR.35JA13 20160411
TrendMicro-HouseCall TROJ_SPNR.35JA13 20160411
VBA32 TrojanSpy.Zbot 20160410
VIPRE Trojan.Win32.Generic!SB.0 20160411
ViRobot Trojan.Win32.Z.Zbot.307200.AH[h] 20160411
Yandex TrojanSpy.Zbot!5Z6XuAfZp3o 20160410
Zillya Trojan.Zbot.Win32.139423 20160409
Alibaba 20160411
Baidu 20160411
Bkav 20160409
CAT-QuickHeal 20160411
CMC 20160408
F-Prot 20160411
SUPERAntiSpyware 20160411
TheHacker 20160411
TotalDefense 20160411
Zoner 20160411
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2007-2013 - E-WimSoft Tech.
Product SQLite VDK Manager
Original name sqlitevdkmng
Internal name SQLite VDK
File version 7.3.1.1
Description SQLite VDK Manager
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-09-09 12:13:54
Entry Point 0x00003470
Number of sections 4
PE sections
PE imports
RegQueryValueExW
ImageList_Create
ImageList_Destroy
GetObjectA
LineTo
DeleteDC
SelectObject
MoveToEx
GetStockObject
CreateFontW
BitBlt
CreateCompatibleDC
DeleteObject
Ellipse
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
IsProcessorFeaturePresent
EnterCriticalSection
LCMapStringW
ReadFile
SetHandleCount
LoadLibraryW
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
GetTickCount
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetModuleFileNameA
GetStdHandle
HeapAlloc
GetCurrentProcess
EnumSystemLocalesA
GetStartupInfoW
GetConsoleMode
GetLocaleInfoA
GetCurrentProcessId
GetModuleHandleW
GetCPInfo
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCommandLineA
GetUserDefaultLCID
EncodePointer
GetLocaleInfoW
SetStdHandle
RaiseException
WideCharToMultiByte
GetModuleFileNameW
TlsFree
SetFilePointer
HeapSetInformation
LeaveCriticalSection
GetCurrentThreadId
SetUnhandledExceptionFilter
WriteFile
InterlockedIncrement
DecodePointer
CloseHandle
GetSystemTimeAsFileTime
IsValidLocale
GetACP
HeapReAlloc
GetStringTypeW
GetProcAddress
TerminateProcess
IsValidCodePage
HeapCreate
SetLastError
CreateFileW
InterlockedDecrement
Sleep
GetFileType
SetEndOfFile
TlsSetValue
CreateFileA
ExitProcess
DeleteCriticalSection
GetProcessHeap
WriteConsoleW
MulDiv
GetParent
EndDialog
BeginPaint
EnumWindows
ShowWindow
GetSystemMetrics
SetWindowLongW
MessageBoxW
GetWindowRect
EndPaint
SetWindowPlacement
MessageBoxA
PostMessageW
GetDC
CreatePopupMenu
SendMessageW
OffsetRect
SendMessageA
SetWindowTextW
GetDlgItem
CreateWindowExA
LoadImageW
SetWindowTextA
GetSysColorBrush
LoadIconW
CreateWindowExW
GetWindowLongW
DestroyWindow
CoTaskMemFree
Number of PE resources by type
RT_BITMAP 1
RT_MANIFEST 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_ICON 1
Number of PE resources by language
CZECH DEFAULT 4
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion 5.1
LinkerVersion 10.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 7.3.1.1
UninitializedDataSize 0
LanguageCode Czech
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 81408
EntryPoint 0x3470
OriginalFileName sqlitevdkmng
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2007-2013 - E-WimSoft Tech.
FileVersion 7.3.1.1
TimeStamp 2013:09:09 13:13:54+01:00
FileType Win32 EXE
PEType PE32
InternalName SQLite VDK
ProductVersion 7.3.1.1
FileDescription SQLite VDK Manager
OSVersion 5.1
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName E-WimSoft Tech.
CodeSize 224768
ProductName SQLite VDK Manager
ProductVersionNumber 7.3.1.1
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 7f10e64894b5b5469d05c0de52067b1c
SHA1 277edcb7b9ebd51819919a56d3cd7a71e82cb066
SHA256 08a6f111c5bc099364369e56ad39688e5f088f8a7ea1107daa90ba566740591c
ssdeep 6144:IwraY5OrUEiQ6lde5vAFC9oIRuP7GWjgE2FmfAbY0oOKai:IAaY5OwEiQ6lU5eauPSWjV2FmfaYxp
authentihash 545d81b260469fe3af7d75bb3fcca3da150d75455845a4cba3bed41cc110aa7e
imphash 28577fb0f835be027646335797a158c6
File size 300.0 KB ( 307200 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe
VirusTotal metadata
First submission 2013-09-10 17:02:17 UTC ( 4 years, 9 months ago )
Last submission 2013-09-10 17:02:17 UTC ( 4 years, 9 months ago )
File names sqlitevdkmng
277edcb7b9ebd51819919a56d3cd7a71e82cb066
SQLite VDK
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Copied files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Searched windows
Opened service managers
Opened services
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
HTTP requests
TCP connections
UDP communications