SHA256: 10dad5382ceb4cfcd34c5006adfe11dcd6db7041beefacb6d0bfaf0d8ed8432b
File name: CompetitorHandler.exe
Detection ratio: 51 / 67
Analysis date: 2018-01-05 08:57:12 UTC ( 5 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.3688778 20171225
AegisLab Heur.Advml.Gen!c 20180105
AhnLab-V3 Trojan/Win32.Kryptik.C1658018 20180104
ALYac Trojan.GenericKD.3688778 20180105
Antiy-AVL Trojan[Banker]/Win32.Neverquest2 20180103
Arcabit Trojan.Generic.D38494A 20180105
Avast Win32:Malware-gen 20180105
AVG Win32:Malware-gen 20180105
AVware Win32.Malware!Drop 20180103
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180105
BitDefender Trojan.GenericKD.3688778 20180105
CAT-QuickHeal Trojan.Mauvaise.SL1 20180104
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20171016
Cybereason malicious.1b8fb7 20171103
Cylance Unsafe 20180105
Cyren W32/Trojan.WOKZ-4016 20180105
DrWeb Trojan.Packed2.39303 20180105
Emsisoft Backdoor.Vawtrak (A) 20180105
Endgame malicious (high confidence) 20171130
ESET-NOD32 a variant of Win32/Kryptik.FGVT 20180105
F-Secure Trojan.GenericKD.3688778 20180105
Fortinet W32/Vawtark.A!tr 20180105
GData Trojan.GenericKD.3688778 20180105
Ikarus Trojan.Win32.Krypt 20180104
Sophos ML heuristic 20170914
Jiangmin Trojan.Banker.Neverquest2.fl 20180105
K7AntiVirus Trojan ( 004fcc681 ) 20180105
K7GW Trojan ( 004fcc681 ) 20180105
Kaspersky Trojan-Banker.Win32.Neverquest2.zm 20180105
Malwarebytes Backdoor.Papras 20180105
MAX malware (ai score=100) 20180105
McAfee Generic.amh 20180102
McAfee-GW-Edition BehavesLike.Win32.Downloader.dc 20180105
eScan Trojan.GenericKD.3688778 20180105
NANO-Antivirus Trojan.Win32.Neverquest2.eiiiwm 20180105
Palo Alto Networks (Known Signatures) generic.ml 20180105
Panda Trj/GdSda.A 20180104
Qihoo-360 Win32/Trojan.b2e 20180105
Rising Trojan.Generic!8.C3 (TFE:1:mf4wjyyzDzH) 20180105
SentinelOne (Static ML) static engine - malicious 20171224
Sophos AV Troj/Vawtark-A 20180105
Symantec Trojan.Snifula.F 20180105
Tencent Suspicious.Heuristic.Gen.b.0 20180105
TrendMicro BKDR_VAWTRAK.TRA 20180105
TrendMicro-HouseCall BKDR_VAWTRAK.TRA 20180105
VIPRE Win32.Malware!Drop 20180105
ViRobot Trojan.Win32.Z.Vawtrak.221184.F 20180105
Webroot W32.Trojan.Gen 20180105
Yandex Trojan.PWS.Neverquest2! 20171229
Zillya Trojan.Neverquest2.Win32.245 20180104
ZoneAlarm by Check Point Trojan-Banker.Win32.Neverquest2.zm 20180105
Alibaba 20180105
Avast-Mobile 20180104
Avira (no cloud) 20180105
Bkav 20180104
ClamAV 20180105
CMC 20180104
Comodo 20180105
F-Prot 20180105
Kingsoft 20180105
Microsoft 20180105
nProtect 20180105
SUPERAntiSpyware 20180105
TheHacker 20180103
TotalDefense 20180105
Trustlook 20180105
VBA32 20180104
WhiteArmor 20171226
Zoner 20180105
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2016 Trend Micro Incorporated. All rights reserved.
Product Trend Micro Password Manager
Original name CompetitorHandler.exe
Internal name CompetitorHandler.exe
File version 3.6.0.1076
Description CompetitorHandler
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-10-09 08:52:57
Entry Point 0x00004685
Number of sections 8
PE sections
PE imports
CryptDestroyKey
IsValidAcl
CryptReleaseContext
CryptAcquireContextA
CryptDuplicateHash
ConvertSidToStringSidW
GetCurrentHwProfileW
CryptGenKey
CryptDestroyHash
CryptCreateHash
GetUserDefaultUILanguage
GetLastError
CreateJobObjectA
GetNamedPipeInfo
DelayLoadFailureHook
TerminateThread
lstrcmpiA
GetCommModemStatus
GetVersionExW
GetExitCodeThread
CopyFileA
GetProcessTimes
GetNumberOfConsoleMouseButtons
VirtualProtect
WriteConsoleOutputAttribute
DuplicateHandle
FoldStringA
GetCurrentProcess
GetWindowsDirectoryW
CreateConsoleScreenBuffer
GetFileSize
SetComputerNameW
GetConsoleTitleW
CreateActCtxA
MultiByteToWideChar
GetLogicalDrives
CopyFileExW
GetCalendarInfoA
CommConfigDialogA
GetCurrentThread
GetComputerNameExA
CreateWaitableTimerW
GetFileTime
ReleaseActCtx
CreateThread
DebugSetProcessKillOnExit
DeleteVolumeMountPointW
GetCommTimeouts
ReadFile
ReadConsoleOutputCharacterW
GlobalFindAtomA
GetProcessPriorityBoost
SetHandleInformation
CreateHardLinkW
GetComputerNameExW
GetThreadTimes
GetSystemTimes
lstrcmpW
MoveFileExA
FillConsoleOutputCharacterA
SetPriorityClass
LocalFree
TerminateProcess
AddVectoredExceptionHandler
CreateProcessA
CancelIo
SetThreadIdealProcessor
GetProcessShutdownParameters
SearchPathW
UTRegister
IsDebuggerPresent
GetFileType
SetThreadPriority
GetProcessVersion
CloseHandle
GetForegroundWindow
GetClassInfoExW
GetClipboardOwner
FindWindowA
LoadMenuW
CharLowerA
AppendMenuA
GetWindowRect
GetDialogBaseUnits
LoadCursorFromFileW
GetMenuItemID
GetAsyncKeyState
GetClipCursor
GetMenu
IsCharLowerA
GetClipboardViewer
GetWindowModuleFileNameW
GetSubMenu
CreateMenu
GetActiveWindow
GetDesktopWindow
GetRawInputBuffer
IsRectEmpty
IsMenu
FindWindowExW
LoadAcceleratorsW
GetGUIThreadInfo
IsChild
PtInRect
Number of PE resources by type
RT_CURSOR 16
RT_GROUP_CURSOR 15
RT_STRING 13
RT_ICON 4
RT_DIALOG 3
RT_BITMAP 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 55
PE resources
Debug information
ExifTool file metadata
CoverageBuild NO
FileTypeExtension exe
SpecialBuild 1076
CodeSize 77824
UninitializedDataSize 0
LinkerVersion 12.0
ImageVersion 0.0
ProductName Trend Micro Password Manager
FileVersionNumber 3.6.0.1076
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 104448
PrivateBuild Build 1076 - 4/21/2016
Subsystem Windows GUI
OriginalFileName CompetitorHandler.exe
MIMEType application/octet-stream
BuildType Rel
FileVersion 3.6.0.1076
TimeStamp 2014:10:09 09:52:57+01:00
FileType Win32 EXE
PEType PE32
InternalName CompetitorHandler.exe
SubsystemVersion 6.0
ProductVersion 3.6.0.1076
FileDescription CompetitorHandler
OSVersion 6.0
FileOS Windows NT 32-bit
LegalCopyright Copyright (C) 2016 Trend Micro Incorporated. All rights reserved.
CompileOption Release
MachineType Intel 386 or later, and compatibles
CompanyName Trend Micro Inc.
LegalTrademarks Copyright (C) Trend Micro Inc.
FileSubtype 0
ProductVersionNumber 3.6.0.1076
EntryPoint 0x4685
ObjectFileType Executable application

Compressed bundles
PCAP parents
File identification
MD5 816378c215c1c8d82571ee4f803b086d
SHA1 2b28867623eb0c62b86d8ae1b4c7b577d37d78af
SHA256 10dad5382ceb4cfcd34c5006adfe11dcd6db7041beefacb6d0bfaf0d8ed8432b
ssdeep 3072:BYIIIIb/yIMuZXgsz/rf0go7IH+87ZlXkQi6K0XZA7u0o2HxiVgA0pj68G:BYIIII1dZ9jcgo7IeuUQiCkuekE
authentihash ee2e67e9be5112c0893a52a659fddfc53c90fd778eb70a18aeec7eba9ced51a0
imphash b4e1d5217ebbf9794eec7ca86e0d6aeb
File size 216.0 KB ( 221184 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2016-11-10 15:51:27 UTC ( 1 year, 7 months ago )
Last submission 2017-07-25 10:39:16 UTC ( 11 months ago )
File names inst.exe
aa
302_12_08_2016_01_37_26_inst.exe.malware
tejbasx.exe
BN9B55.tmp.3028.dr
LawTugx.exe
output.110780150.txt
816378c215c1c8d82571ee4f803b086d
CompetitorHandler.exe
816378c215c1c8d82571ee4f803b086d.exe.bin
816378c215c1c8d82571ee4f803b086d
816378c215c1c8d82571ee4f803b086d.exe
1 (5).exe
Ky2mxtU_.bz2
Heffex.exe