× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 132ca3829c42b4f231a29ad6cf1154e11eb5167f5971b9a801b7a9264f8a91ab
File name: TP4_Routage_VLAN.doc ...
Detection ratio: 55 / 56
Analysis date: 2016-06-22 13:45:06 UTC ( 2 years, 8 months ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.Generic.7952044 20160622
AegisLab W32.W.Mabezat.b!c 20160622
AhnLab-V3 Worm/Win32.Mabezat.N73141997 20160622
ALYac Trojan.Generic.7952044 20160622
Antiy-AVL Worm/Win32.Mabezat.b 20160622
Arcabit Trojan.Generic.D7956AC 20160622
Avast Win32:Agent-AVCE [Trj] 20160622
AVG Generic_r.NV 20160622
Avira (no cloud) WORM/Mabezat.b 20160622
AVware Worm.Win32.Mabezat.b (v) 20160622
Baidu Win32.Worm.Mabezat.b 20160622
Baidu-International Trojan.Win32.Obfuscator.gen 20160614
BitDefender Trojan.Generic.7952044 20160622
Bkav W32.Pharoh.Worm 20160622
CAT-QuickHeal W32.Mabezat.Dr 20160622
ClamAV Win.Trojan.Mabezat-1 20160622
CMC Worm.Win32.Mabezat!O 20160620
Comodo Worm.Win32.Mabezat.b 20160622
Cyren W32/Mabezat.FRWO-1177 20160622
DrWeb Win32.HLLW.Tazebama.45 20160622
Emsisoft Trojan.Generic.7952044 (B) 20160622
ESET-NOD32 Win32/Mabezat.A 20160622
F-Prot W32/Mabezat.A 20160622
F-Secure Trojan.Generic.7952044 20160622
Fortinet W32/Mabezat.B!worm 20160622
GData Trojan.Generic.7952044 20160622
Ikarus Worm.Win32.Mabezat 20160622
Jiangmin Trojan/Mabezat.g 20160622
K7AntiVirus Riskware ( 0040eff71 ) 20160622
K7GW Riskware ( 0040eff71 ) 20160622
Kaspersky Worm.Win32.Mabezat.b 20160622
Kingsoft Win32.Mabezat.b.1038191 20160622
Malwarebytes Trojan.Dropper.FW 20160622
McAfee W32/Mabezat 20160622
McAfee-GW-Edition BehavesLike.Win32.Mabezat.cc 20160622
Microsoft Virus:Win32/Mabezat.B 20160622
eScan Trojan.Generic.7952044 20160622
NANO-Antivirus Virus.Win32.Mabezat.kfroy 20160622
nProtect Worm/W32.Mabezat 20160622
Panda W32/Mabezat.C.worm 20160622
Qihoo-360 VirusOrg.Win32.Mabezet.B 20160622
Sophos AV W32/Mabezat-B 20160622
SUPERAntiSpyware Trojan.Agent/Gen-VirutZ 20160622
Symantec W32.Mabezat.B 20160622
Tencent Win32.Virus.Mabezat.Wptm 20160622
TheHacker Trojan/Genome.hpoz 20160621
TotalDefense Win32/Mabezat.B!Dropper 20160622
TrendMicro PE_MABEZAT.B-O 20160622
TrendMicro-HouseCall PE_MABEZAT.B-O 20160622
VBA32 Trojan.Win32.Mabezat.a 20160621
VIPRE Worm.Win32.Mabezat.b (v) 20160622
ViRobot Worm.Win32.Mabezat.154751[h] 20160622
Yandex Trojan.Bumat!Aix6wA8hbu0 20160621
Zillya Worm.MabezatGen.Win32.3 20160622
Zoner Win32.Mabezat.B 20160622
Alibaba 20160622
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-10-29 06:17:05
Entry Point 0x00001000
Number of sections 4
PE sections
Overlays
MD5 af3f0beea12da0cb46956e5aeaaa7126
File type data
Offset 73216
Size 81815
Entropy 6.75
PE imports
GetStartupInfoA
HeapFree
GetModuleHandleA
ExitProcess
HeapAlloc
GetCommandLineA
GetTickCount
LoadLibraryA
HeapReAlloc
GetProcAddress
GetProcessHeap
rename
__CxxFrameHandler
memset
strstr
abs
rand
strlen
srand
strcat
memcpy
strcpy
memcmp
isdigit
_EH_prolog
isspace
strncpy
strcmp
MessageBoxA
wvsprintfA
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
Number of PE resources by language
CATALAN NEUTRAL 1
ENGLISH US 1
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2007:10:29 07:17:05+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
53760

LinkerVersion
6.0

FileTypeExtension
exe

InitializedDataSize
72192

SubsystemVersion
4.0

EntryPoint
0x1000

OSVersion
4.0

ImageVersion
0.0

UninitializedDataSize
0

File identification
MD5 6c46ea62c3314b2ce8e22c5a0472d209
SHA1 081f86a34abfb2cd0ba388f3779141380733f843
SHA256 132ca3829c42b4f231a29ad6cf1154e11eb5167f5971b9a801b7a9264f8a91ab
ssdeep
3072:dSSknv7BYJlQXQ8p6g4bV/PkKjzrXP/MOKYuNHL4YQ0qMlydsNUmXY9:shCJCpp6gEkKDP/MOKV3Q0j0SNU7

authentihash 8be2e34afac12177586cac13e408b79607f7a70581d168f188916666256e619b
imphash 6039c26165040db47e28057ca34786ef
File size 151.4 KB ( 155031 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (61.7%)
Win32 Dynamic Link Library (generic) (14.7%)
Win32 Executable (generic) (10.0%)
OS/2 Executable (generic) (4.5%)
Generic Win/DOS Executable (4.4%)
Tags
peexe usb-autorun overlay

VirusTotal metadata
First submission 2009-10-05 22:41:32 UTC ( 9 years, 4 months ago )
Last submission 2016-06-22 13:45:06 UTC ( 2 years, 8 months ago )
File names ~$cv4.doc .exe
Office2003 CD-Key.doc.exe
Cours_four-1.doc .exe
TP4_Routage_VLAN.doc .exe
VirusShare_6c46ea62c3314b2ce8e22c5a0472d209
lisp_success.doc .exe
ovp25012015.doc .exe
25-recettes de cuisine 2004.doc .exe
plan_cours_planification.doc .exe
l35CKje.drv
Kata Pengantar.doc .exe
Cours - Echanges inter reseaux - Resolution d'adresses(1).doc .exe
7th Floor.doc .exe
VISUAL BASIC 6.doc .exe
KasperSky6.0%20Key.doc.exe
aa
Behaviour characterization
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!