× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 19b523e0db7d612dd439147956589b0c7fe264f1eb183ea3a74565ad20d3cb8a
File name: so.exe
Detection ratio: 3 / 47
Analysis date: 2013-05-31 21:18:45 UTC ( 10 months, 3 weeks ago ) View latest
Antivirus Result Update
AntiVir TR/ATRAPS.Gen2 20130531
Malwarebytes Trojan.Dropper 20130531
TrendMicro-HouseCall TROJ_GEN.RC9H1EV 20130531
AVG 20130531
Agnitum 20130531
AhnLab-V3 20130531
Antiy-AVL 20130531
Avast 20130531
BitDefender 20130531
ByteHero 20130529
CAT-QuickHeal 20130531
ClamAV 20130531
Commtouch 20130531
Comodo 20130531
DrWeb 20130531
ESET-NOD32 20130531
Emsisoft 20130531
F-Prot 20130531
F-Secure 20130531
Fortinet 20130531
GData 20130531
Ikarus 20130531
Jiangmin 20130531
K7AntiVirus 20130531
K7GW 20130531
Kaspersky 20130531
Kingsoft 20130506
McAfee 20130531
McAfee-GW-Edition 20130531
MicroWorld-eScan 20130531
Microsoft 20130531
NANO-Antivirus 20130531
Norman 20130531
PCTools 20130521
Panda 20130531
Rising 20130531
SUPERAntiSpyware 20130531
Sophos 20130531
Symantec 20130531
TheHacker 20130531
TotalDefense 20130531
TrendMicro 20130531
VBA32 20130531
VIPRE 20130531
ViRobot 20130531
eSafe 20130530
nProtect 20130531
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-05-30 13:27:23
Entry Point 0x00001712
Number of sections 3
PE sections
PE imports
CreateToolhelp32Snapshot
GetLastError
HeapFree
GetStdHandle
LCMapStringW
OpenProcess
GetSystemInfo
FreeLibrary
QueryPerformanceCounter
HeapDestroy
ExitProcess
VirtualProtect
GetVersionExA
lstrcmpiW
WaitForSingleObjectEx
RtlUnwind
LoadLibraryA
Process32NextW
FreeEnvironmentStringsA
GetStartupInfoA
GetEnvironmentStrings
GetEnvironmentStringsW
GetLocaleInfoA
GetCurrentProcessId
lstrcatA
GetCPInfo
UnhandledExceptionFilter
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
CreateDirectoryW
GetCommandLineA
GetProcAddress
Process32FirstW
WideCharToMultiByte
GetStringTypeA
GetModuleHandleA
FindNextFileW
InterlockedExchange
WriteFile
GetCurrentProcess
CloseHandle
GetSystemTimeAsFileTime
FindFirstFileW
GetACP
HeapReAlloc
GetStringTypeW
GetOEMCP
TerminateProcess
GetModuleFileNameA
LCMapStringA
SetHandleCount
SetCurrentDirectoryW
HeapCreate
CreateFileW
VirtualQuery
VirtualFree
FindClose
GetFileType
GetTickCount
HeapAlloc
GetCurrentThreadId
VirtualAlloc
wsprintfW
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2013:05:30 14:27:23+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
20480

LinkerVersion
7.1

FileAccessDate
2013:12:17 08:42:57+01:00

EntryPoint
0x1712

InitializedDataSize
32768

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

FileCreateDate
2013:12:17 08:42:57+01:00

UninitializedDataSize
0

File identification
MD5 77ae4a41df60c1aac16192fe9d757bc9
SHA1 8f031b74d46664b7203b22fbb7970ef1a94906bf
SHA256 19b523e0db7d612dd439147956589b0c7fe264f1eb183ea3a74565ad20d3cb8a
ssdeep
768:9eMuCWDDKRhtCjOg/ba8tLa+v/T8LdyLnaFYp3OXRoZl:YDIRhtCj5bDt+s/TBaupXl

File size 56.0 KB ( 57344 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe

VirusTotal metadata
First submission 2013-05-31 11:52:19 UTC ( 10 months, 3 weeks ago )
Last submission 2013-12-17 07:42:52 UTC ( 4 months ago )
File names about.exe
11759466
calc.exe
so.exe
5.exe
fts.exe
vti-rescan
output.11759466.txt
19b523e0db7d612dd439147956589b0c7fe264f1eb183ea3a74565ad20d3cb8a.bin
77ae4a41df60c1aac16192fe9d757bc9.exe
contacts.exe
info.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!