SHA256: 0ef67fa621fe1e4a203b6b0e63437dd79a4668cb8fc34a7f53b5ce1ef8dfb1a8
File name: vx_progui.exe
Detection ratio: 13 / 65
Analysis date: 2018-11-19 12:03:23 UTC (6 months ago)
Antivirus Result Update
AVG FileRepMalware 20181119
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cyren W32/VBKrypt.EP.gen!Eldorado 20181119
Endgame malicious (high confidence) 20181108
F-Prot W32/VBKrypt.EP.gen!Eldorado 20181119
Ikarus Trojan-Spy.Agent 20181119
Sophos ML heuristic 20181108
McAfee Artemis!5F6F4978D29F 20181119
McAfee-GW-Edition BehavesLike.Win32.Fareit.gc 20181119
Microsoft PWS:Win32/Primarypass.A 20181119
Palo Alto Networks (Known Signatures) generic.ml 20181119
Qihoo-360 HEUR/QVM03.0.4E6A.Malware.Gen 20181119
SentinelOne (Static ML) static engine - malicious 20181011
Ad-Aware 20181119
AegisLab 20181119
AhnLab-V3 20181119
Alibaba 20180921
ALYac 20181119
Antiy-AVL 20181119
Arcabit 20181119
Avast 20181119
Avast-Mobile 20181119
Avira (no cloud) 20181119
Babable 20180918
Baidu 20181119
BitDefender 20181119
Bkav 20181119
CAT-QuickHeal 20181119
ClamAV 20181119
CMC 20181119
Cylance 20181119
DrWeb 20181119
eGambit 20181119
Emsisoft 20181119
ESET-NOD32 20181119
F-Secure 20181119
Fortinet 20181119
GData 20181119
Jiangmin 20181119
K7AntiVirus 20181119
K7GW 20181119
Kaspersky 20181119
Kingsoft 20181119
Malwarebytes 20181119
MAX 20181119
eScan 20181119
NANO-Antivirus 20181119
Panda 20181118
Rising 20181119
Sophos AV 20181119
SUPERAntiSpyware 20181114
Symantec 20181118
Symantec Mobile Insight 20181108
TACHYON 20181119
Tencent 20181119
TheHacker 20181118
TotalDefense 20181118
TrendMicro 20181119
TrendMicro-HouseCall 20181119
Trustlook 20181119
VBA32 20181119
ViRobot 20181119
Webroot 20181119
Yandex 20181116
Zillya 20181116
ZoneAlarm by Check Point 20181119
Zoner 20181119
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright TEST----------15
Product TEST----------15
Original name TEST----------15.exe
Internal name TEST----------15
File version 1.00
Description TEST----------15
Comments TEST----------15
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-11-18 17:59:32
Entry Point 0x000012D8
Number of sections 3
PE sections
PE imports
_adj_fdiv_m32
__vbaChkstk
__vbaPrintObj
EVENT_SINK_Release
__vbaStrCmp
_allmul
_adj_fdivr_m64
__vbaAryUnlock
Ord(527)
_adj_fprem
Ord(617)
__vbaLenBstr
_adj_fpatan
EVENT_SINK_AddRef
Ord(526)
__vbaStrToUnicode
_adj_fdiv_m32i
Ord(717)
__vbaExceptHandler
__vbaSetSystemError
__vbaFreeVarList
__vbaRedim
DllFunctionCall
__vbaFPException
__vbaStrVarMove
_adj_fdivr_m16i
_adj_fdiv_r
Ord(100)
__vbaFreeVar
__vbaAryConstruct2
_adj_fdiv_m64
__vbaFreeObj
_CIsin
_CIsqrt
__vbaHresultCheckObj
_CIlog
__vbaStrCopy
__vbaAryLock
_CIcos
Ord(595)
EVENT_SINK_QueryInterface
_adj_fptan
_CItan
__vbaObjSet
_CIatan
__vbaFreeStr
Ord(644)
_adj_fdivr_m32i
__vbaAryDestruct
_CIexp
__vbaStrMove
__vbaStrToAnsi
_adj_fprem1
_adj_fdivr_m32
__vbaStrCat
__vbaFreeStrList
_adj_fdiv_m16i
Number of PE resources by type
RT_ICON 3
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 4
CZECH SYS DEFAULT 1
PE resources
ExifTool file metadata
CodeSize 368640
SubsystemVersion 4.0
Comments TEST----------15
LinkerVersion 6.0
ImageVersion 1.0
FileSubtype 0
FileVersionNumber 1.0.0.0
LanguageCode Unknown (0805)
FileFlagsMask 0x0000
FileDescription TEST----------15
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
CharacterSet Unicode
InitializedDataSize 73728
EntryPoint 0x12d8
OriginalFileName TEST----------15.exe
MIMEType application/octet-stream
LegalCopyright TEST----------15
FileVersion 1.0
TimeStamp 2018:11:18 09:59:32-08:00
FileType Win32 EXE
PEType PE32
InternalName TEST----------15
ProductVersion 1.0
UninitializedDataSize 0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName samSUNg
LegalTrademarks TEST----------15
ProductName TEST----------15
ProductVersionNumber 1.0.0.0
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 5f6f4978d29f5467442c1566449e1821
SHA1 cfbecc616ddf384268b902b357cffa434c6065d3
SHA256 0ef67fa621fe1e4a203b6b0e63437dd79a4668cb8fc34a7f53b5ce1ef8dfb1a8
ssdeep 6144:7MgDO2uRqhL5B1oiky5BjJ4m5IjtZPXoyAZUQWuMgDO2u:7MgCs1oc5n4mGvXweuMgC
authentihash 86ff15f8330eced7801a40d01d3997a671b4349122f3e46e93d6c60de278cee6
imphash a24ccd426b1e39cea4826e9d0ad24aa9
File size 420.0 KB ( 430080 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable Microsoft Visual Basic 6 (82.7%)
Win32 Dynamic Link Library (generic) (6.6%)
Win32 Executable (generic) (4.5%)
OS/2 Executable (generic) (2.0%)
Generic Win/DOS Executable (2.0%)
Tags peexe
VirusTotal metadata
First submission 2018-11-19 08:01:39 UTC ( 6 months ago )
Last submission 2018-11-27 06:09:42 UTC ( 5 months, 3 weeks ago )
File names uitvbqx.exe
TEST----------15.exe
uitvbqx.exe
5f6f4978d29f5467442c1566449e1821
TEST----------15
uitvbqx.exe
vx_progui.exe
Advanced heuristic and reputation engines