× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1035fdf8f0fda535ff2d7ab1c177572caade15c43af872959b5784effe3496e1
File name: Trainer-UPX.exe
Detection ratio: 7 / 43
Analysis date: 2012-02-02 05:02:04 UTC ( 5 years, 4 months ago ) View latest
Antivirus Result Update
BitDefender Gen:Variant.Kazy.28717 20120202
F-Secure Gen:Variant.Kazy.28717 20120202
GData Gen:Variant.Kazy.28717 20120202
nProtect Gen:Variant.Kazy.28717 20120201
TheHacker Posible_Worm32 20120202
TrendMicro PAK_Generic.001 20120201
TrendMicro-HouseCall PAK_Generic.001 20120202
AhnLab-V3 20120201
AntiVir 20120201
Antiy-AVL 20120131
Avast 20120202
AVG 20120202
ByteHero 20120128
CAT-QuickHeal 20120131
ClamAV 20120202
Commtouch 20120201
Comodo 20120202
DrWeb 20120202
Emsisoft 20120202
eSafe 20120130
eTrust-Vet 20120201
F-Prot 20120201
Fortinet 20120202
Ikarus 20120202
Jiangmin 20120201
K7AntiVirus 20120201
Kaspersky 20120202
McAfee 20120202
McAfee-GW-Edition 20120202
Microsoft 20120201
NOD32 20120202
Norman 20120201
Panda 20120201
PCTools 20120201
Prevx 20120202
Rising 20120118
Sophos 20120202
SUPERAntiSpyware 20120202
Symantec 20120202
VBA32 20120131
VIPRE 20120202
ViRobot 20120202
VirusBuster 20120202
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
File version 1.0.0.0
PE header basic information
Number of sections 3
PE sections
PE imports
OpenProcessToken
InitCommonControls
SetBkMode
LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess
EnumProcesses
ShellExecuteA
ExifTool file metadata
UninitializedDataSize
135168

InitializedDataSize
20480

ImageVersion
1.0

FileVersionNumber
1.0.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

CharacterSet
ASCII

LinkerVersion
2.56

MIMEType
application/octet-stream

FileVersion
1.0.0.0

TimeStamp
2012:02:02 05:47:27+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
1.0.0.0

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
81920

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0x34ff0

ObjectFileType
Executable application

File identification
MD5 861f481c9647371ff7fb73c2d7e0a039
SHA1 9274889581afa3bf000516cf1514304dcac3d23c
SHA256 1035fdf8f0fda535ff2d7ab1c177572caade15c43af872959b5784effe3496e1
ssdeep
1536:PWwm0iBGmqAbivvzMzZ7kdGduF94NN5VI7eYZ3EY8GUQSYC0ulZW:+VP7iTMHuF94JV4TUQtC

File size 94.0 KB ( 96256 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit, UPX compressed

TrID UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
VirusTotal metadata
First submission 2012-02-02 05:02:04 UTC ( 5 years, 4 months ago )
Last submission 2012-02-02 19:18:08 UTC ( 5 years, 4 months ago )
File names file-3495544_exe
861f481c9647371ff7fb73c2d7e0a039
Trainer-UPX.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!