SHA256: 08d59093ba2f6730a737dec251bdefbdc80452fe77043347656d6e0f25ffb8f8
File name: x1[1].exe
Detection ratio: 45 / 55
Analysis date: 2014-09-02 21:52:00 UTC ( 4 years, 7 months ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.1817274 20140902
Yandex Trojan.DL.Agent!54LgmfTOlek 20140902
AhnLab-V3 Dropper/Win32.Necurs 20140902
AntiVir TR/Lethic.B.176 20140902
Antiy-AVL Trojan[Downloader]/Win32.Agent 20140902
Avast Win32:Injector-BYW [Trj] 20140902
AVG Win32/Cryptor 20140902
AVware Trojan.Win32.Generic!BT 20140902
Baidu-International Trojan.Win32.Downloader.Al 20140902
BitDefender Trojan.GenericKD.1817274 20140902
Bkav W32.XjunE.Trojan 20140829
CAT-QuickHeal TrojanDownloader.Agent.r4 20140902
Comodo UnclassifiedMalware 20140902
Cyren W32/Trojan.TTIF-3651 20140902
DrWeb BackDoor.IRC.NgrBot.146 20140902
Emsisoft Trojan.GenericKD.1817274 (B) 20140902
ESET-NOD32 a variant of Win32/Injector.BKJX 20140902
F-Secure Trojan.GenericKD.1817274 20140902
Fortinet W32/Agent.HEUS!tr.dldr 20140902
GData Trojan.GenericKD.1817274 20140902
Ikarus Trojan.Win32.Injector 20140902
K7AntiVirus Trojan ( 004a09c31 ) 20140902
K7GW Trojan ( 004a09c31 ) 20140902
Kaspersky Trojan-Downloader.Win32.Agent.heus 20140902
Kingsoft Win32.Troj.Undef.(kcloud) 20140902
Malwarebytes Trojan.AGent.VXGen 20140902
McAfee RDN/Downloader.a!sr 20140902
McAfee-GW-Edition RDN/Downloader.a!sr 20140902
Microsoft Trojan:Win32/Lethic.B 20140902
eScan Trojan.GenericKD.1817274 20140902
NANO-Antivirus Trojan.Win32.Yakes.debuqr 20140902
Norman Gamarue.BFN 20140902
nProtect Trojan.GenericKD.1817274 20140902
Panda Trj/Chgt.D 20140902
Qihoo-360 Win32/Trojan.e6d 20140902
Sophos AV Mal/Wonton-K 20140902
SUPERAntiSpyware Trojan.Agent/Gen-FalDesc 20140902
Symantec Trojan.Gen 20140902
Tencent Win32.Trojan-downloader.Agent.Edng 20140902
TotalDefense Win32/Lethic.bCCRHG 20140902
TrendMicro TROJ_GEN.R0CBC0DHN14 20140902
TrendMicro-HouseCall TROJ_GEN.R0CBC0DHN14 20140902
VBA32 Trojan.Yakes 20140902
VIPRE Trojan.Win32.Generic!BT 20140902
Zillya Downloader.Agent.Win32.208397 20140901
AegisLab 20140902
ByteHero 20140902
ClamAV 20140902
CMC 20140901
F-Prot 20140902
Jiangmin 20140901
Rising 20140902
TheHacker 20140902
ViRobot 20140902
Zoner 20140901
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-08-21 22:44:24
Entry Point 0x00012D42
Number of sections 4
PE sections
Number of PE resources by type
RT_DIALOG 9
RT_STRING 6
RT_BITMAP 1
RT_FONT 1
Number of PE resources by language
ENGLISH US 10
NEUTRAL 6
ENGLISH PHILIPPINES 1
PE resources
File identification
MD5 f3b45a3f616425a7248018104eae77b7
SHA1 6f46161138d65e3b86ef421d78a555547c00c5ec
SHA256 08d59093ba2f6730a737dec251bdefbdc80452fe77043347656d6e0f25ffb8f8
ssdeep 3072:qXCiLk7ndEFIp8d94jVS1CzyyUQG0m7nEHrn2brn6saBiycEFEp0NC:q4YI09oS1C+ygn28f

imphash 16a6cd4f4d4753f9dfc02624adfe20f6
File size 160.0 KB ( 163840 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe

VirusTotal metadata
First submission 2014-08-22 06:17:53 UTC ( 4 years, 8 months ago )
Last submission 2014-09-02 21:52:00 UTC ( 4 years, 7 months ago )
File names ej36xx1.exe
x1[1].exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Runtime DLLs