SHA256: 1089c327473296dea79fe1a6a2398cd0a3f21163cc709b6065f8c0dab84da0f9
File name: ceab549db69462898e4f6b1431f523d3.virus
Detection ratio: 38 / 68
Analysis date: 2017-12-01 09:57:28 UTC ( 1 year, 2 months ago )
Antivirus Result Update
Ad-Aware Trojan.Agent.CRHJ 20171201
Antiy-AVL Trojan/Win32.Mansabo 20171201
Arcabit Trojan.Agent.CRHJ 20171201
Avast Win32:Malware-gen 20171201
AVG Win32:Malware-gen 20171201
Avira (no cloud) TR/AD.Inject.miqkq 20171201
AVware Trojan.Win32.Generic!BT 20171201
BitDefender Trojan.Agent.CRHJ 20171201
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20171016
Cybereason malicious.a12597 20171103
Cylance Unsafe 20171201
DrWeb Trojan.Inject2.64433 20171201
Emsisoft Trojan.Agent.CRHJ (B) 20171201
Endgame malicious (high confidence) 20171130
ESET-NOD32 a variant of Win32/GenKryptik.BGFJ 20171201
F-Secure Trojan.Agent.CRHJ 20171201
Fortinet W32/GenKryptik.BGFJ!tr 20171201
GData Win32.Trojan-Spy.Trickbot.F 20171201
Sophos ML heuristic 20170914
Jiangmin Trojan.Mansabo.ni 20171201
K7AntiVirus Trojan ( 0051ef6b1 ) 20171201
K7GW Trojan ( 0051ef6b1 ) 20171201
Kaspersky Trojan.Win32.Mansabo.aiu 20171201
MAX malware (ai score=85) 20171201
McAfee GenericR-LAZ!CEAB549DB694 20171201
Microsoft Trojan:Win32/Totecx 20171201
eScan Trojan.Agent.CRHJ 20171201
nProtect Trojan/W32.Mansabo.389120.B 20171201
Panda Trj/GdSda.A 20171130
Qihoo-360 Win32/Trojan.BO.540 20171201
Rising Trojan.Totecx!8.F0D3 (CLOUD) 20171201
SentinelOne (Static ML) static engine - malicious 20171113
Sophos AV Mal/Generic-S 20171201
Symantec Trojan.Gen 20171201
TrendMicro-HouseCall TROJ_GEN.R039H0DKU17 20171201
VIPRE Trojan.Win32.Generic!BT 20171201
Webroot W32.Trojan.Gen 20171201
ZoneAlarm by Check Point Trojan.Win32.Mansabo.aiu 20171201
AegisLab 20171201
AhnLab-V3 20171130
Alibaba 20171201
ALYac 20171201
Avast-Mobile 20171201
Baidu 20171201
Bkav 20171129
CAT-QuickHeal 20171130
ClamAV 20171201
CMC 20171201
Comodo 20171201
Cyren 20171201
eGambit 20171201
F-Prot 20171201
Ikarus 20171201
Kingsoft 20171201
Malwarebytes 20171201
McAfee-GW-Edition 20171201
NANO-Antivirus 20171201
Palo Alto Networks (Known Signatures) 20171201
SUPERAntiSpyware 20171201
Symantec Mobile Insight 20171201
Tencent 20171201
TheHacker 20171130
TotalDefense 20171201
TrendMicro 20171201
Trustlook 20171201
VBA32 20171130
ViRobot 20171201
WhiteArmor 20171104
Yandex 20171201
Zillya 20171129
Zoner 20171201
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Learn with FEAC. Our three-day Enterprise Architecture Skills Workshops are intended to give you the practical skills
Product Image Viewer
Original name Image Viewer.exe
Internal name Image Viewer
File version 1.00
Description ESO-Batxillerat-CF del concurs de fotografia FEAC a Claudia Ramos del Col·legi Maristes Montserrat
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-11-28 16:30:19
Entry Point 0x000014FC
Number of sections 3
PE sections
PE imports
_adj_fdiv_m32
__vbaChkstk
Ord(546)
EVENT_SINK_Release
__vbaGenerateBoundsError
_allmul
_CIsin
__vbaInStrVar
_adj_fdivr_m64
__vbaVarTstGe
__vbaVarInt
_adj_fprem
Ord(661)
__vbaVarLateMemCallLdRf
__vbaAryMove
__vbaResume
_adj_fpatan
_adj_fdiv_m32i
__vbaFreeObjList
__vbaRedimPreserve
__vbaStrCopy
Ord(611)
EVENT_SINK_QueryInterface
Ord(608)
__vbaVarAnd
__vbaSetSystemError
__vbaFreeVarList
__vbaRedim
DllFunctionCall
__vbaFPException
__vbaStrVarMove
_adj_fdivr_m16i
__vbaAryUnlock
__vbaUbound
__vbaVarAdd
__vbaExitProc
Ord(100)
Ord(685)
__vbaUI1I2
__vbaFreeVar
EVENT_SINK_AddRef
__vbaObjSetAddref
_adj_fdiv_r
__vbaAryConstruct2
__vbaVarLateMemCallLd
_adj_fdiv_m64
__vbaFreeObj
__vbaHresultCheckObj
_CIsqrt
__vbaVarSub
_CIlog
__vbaVarTstGt
__vbaAryLock
_CIcos
__vbaVarTstEq
_adj_fptan
__vbaI2Var
__vbaObjSet
__vbaLateIdCall
__vbaVarDiv
__vbaVarMove
__vbaUI1Var
__vbaVarLateMemSt
_CIatan
__vbaI2I4
__vbaNew2
__vbaErrorOverflow
__vbaLateIdSt
__vbaLateIdCallLd
__vbaOnError
_adj_fdivr_m32i
__vbaAryDestruct
_CIexp
__vbaVarMul
_adj_fprem1
_adj_fdivr_m32
__vbaVar2Vec
_CItan
Ord(598)
__vbaFreeStr
_adj_fdiv_m16i
__vbaExceptHandler
Number of PE resources by type
RT_ICON 2
GNPTOTECTION 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 3
GERMAN LUXEMBOURG 2
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 6.0
ImageVersion 1.0
FileSubtype 0
FileVersionNumber 1.0.0.0
LanguageCode English (U.S.)
FileFlagsMask 0x0000
FileDescription ESO-Batxillerat-CF del concurs de fotografia FEAC a Claudia Ramos del Col·legi Maristes Montserrat
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
CharacterSet Unicode
InitializedDataSize 331776
EntryPoint 0x14fc
OriginalFileName Image Viewer.exe
MIMEType application/octet-stream
LegalCopyright Learn with FEAC. Our three-day Enterprise Architecture Skills Workshops are intended to give you the practical skills
FileVersion 1.0
TimeStamp 2017:11:28 17:30:19+01:00
FileType Win32 EXE
PEType PE32
InternalName Image Viewer
ProductVersion 1.0
SubsystemVersion 4.0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName FOR IMMEDIATE RELEASE
CodeSize 53248
ProductName Image Viewer
ProductVersionNumber 1.0.0.0
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 ceab549db69462898e4f6b1431f523d3
SHA1 fcf101fa125970de01b6305fcddf5779e9ff29fc
SHA256 1089c327473296dea79fe1a6a2398cd0a3f21163cc709b6065f8c0dab84da0f9
ssdeep 6144:Dl6juODDV3WBKRd6AyxM5GDTbwN7r0NBBoA6+epgpddEZ9rulHxqvuNxl6t:+ukDV3Kwd6AyO5Iv674NTEpydeZ4lHUZ
authentihash ed13cf020b3d0c44204e17b0b29de940991d2f913f81767949c9f175fbd348f3
imphash 37af4fe499803c026321a09f75781e57
File size 380.0 KB ( 389120 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable Microsoft Visual Basic 6 (64.7%)
Win64 Executable (generic) (21.7%)
Win32 Dynamic Link Library (generic) (5.1%)
Win32 Executable (generic) (3.5%)
OS/2 Executable (generic) (1.6%)
Tags peexe
VirusTotal metadata
First submission 2017-12-01 09:57:28 UTC ( 1 year, 2 months ago )
Last submission 2017-12-01 09:57:28 UTC ( 1 year, 2 months ago )
File names Image Viewer.exe
Image Viewer
ceab549db69462898e4f6b1431f523d3.virus