SHA256: 1a81f679ba3333601b58decd760fad056d9342023643dc0ec3f426ca66673e0f
File name: 8ff15b2664a7cee359a8c2e1a5c29771fe0495fd
Detection ratio: 31 / 57
Analysis date: 2016-10-29 13:09:42 UTC ( 2 years, 3 months ago )
Antivirus Result Update
Ad-Aware Trojan.Generic.19457483 20161029
AegisLab Troj.W32.Gen.lIRz 20161029
AhnLab-V3 Trojan/Win32.Yakes.N2141190020 20161029
Arcabit Trojan.Generic.D128E5CB 20161029
Avast Win32:Malware-gen 20161029
AVG Downloader.Generic14.BGQD 20161029
Avira (no cloud) TR/Crypt.Xpack.xvbnc 20161028
AVware Trojan.Win32.Generic!BT 20161029
BitDefender Trojan.Generic.19457483 20161029
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20161024
Cyren W32/Trojan.KUEL-3050 20161029
Emsisoft Trojan.Generic.19457483 (B) 20161029
ESET-NOD32 Win32/TrojanDownloader.Agent.CFH 20161029
F-Secure Trojan.Generic.19457483 20161029
Fortinet W32/Yakes.RJTR!tr 20161029
GData Trojan.Generic.19457483 20161029
Ikarus Trojan-Downloader.Win32.Agent 20161029
Sophos ML worm.win32.dorkbot.i 20161018
K7GW Trojan-Downloader ( 004e141d1 ) 20161029
Kaspersky Trojan.Win32.Yakes.rjtr 20161029
McAfee Artemis!CFA73D7307A6 20161029
McAfee-GW-Edition Artemis 20161029
Microsoft Trojan:Win32/Dynamer!ac 20161029
eScan Trojan.Generic.19457483 20161029
Qihoo-360 HEUR/QVM10.1.0000.Malware.Gen 20161029
Sophos AV Mal/Generic-S 20161029
Symantec Heur.AdvML.B 20161029
Tencent Win32.Trojan.Yakes.Tcvv 20161029
TrendMicro TROJ_GEN.R072C0DJT16 20161029
TrendMicro-HouseCall TROJ_GEN.R072C0DJT16 20161029
VIPRE Trojan.Win32.Generic!BT 20161029
Alibaba 20161028
ALYac 20161029
Antiy-AVL 20161029
Baidu 20161029
Bkav 20161029
CAT-QuickHeal 20161028
ClamAV 20161029
CMC 20161029
Comodo 20161029
DrWeb 20161029
F-Prot 20161029
Jiangmin 20161029
K7AntiVirus 20161029
Kingsoft 20161029
Malwarebytes 20161029
NANO-Antivirus 20161029
nProtect 20161028
Panda 20161029
Rising 20161029
SUPERAntiSpyware 20161029
TheHacker 20161028
TotalDefense 20161028
VBA32 20161029
ViRobot 20161029
Yandex 20161028
Zillya 20161028
Zoner 20161029
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright 2005-2013 COMODO. All rights reserved
Product COMODO Internet Security
Original name bsm_chrome.exe
Internal name bsm_chrome.exe
File version 26.0.1410.43
Description COMODO Internet Security
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-10-26 19:20:10
Entry Point 0x00003EE5
Number of sections 4
PE sections
PE imports
GetTextColor
DeviceIoControl
InitializeCriticalSectionAndSpinCount
HeapFree
IsProcessorFeaturePresent
EnterCriticalSection
LCMapStringW
SetHandleCount
LoadLibraryW
GetLastError
FreeLibrary
QueryPerformanceCounter
IsDebuggerPresent
GetTickCount
TlsAlloc
GetEnvironmentStringsW
GetStdHandle
GetFileAttributesW
RtlUnwind
GetModuleFileNameA
CopyFileW
HeapSetInformation
GetCurrentProcess
LoadLibraryExA
DecodePointer
GetCurrentProcessId
GetCommandLineW
GetCPInfo
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
QueryDosDeviceW
GetProcAddress
EncodePointer
GetStartupInfoW
ExitProcess
WideCharToMultiByte
GetModuleFileNameW
TlsFree
GetModuleHandleA
DeleteCriticalSection
SetUnhandledExceptionFilter
WriteFile
CloseHandle
GetSystemTimeAsFileTime
GetCommandLineA
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
GetOEMCP
LocalFree
TerminateProcess
GetVersion
IsValidCodePage
HeapCreate
TlsGetValue
Sleep
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
GetCurrentThreadId
LeaveCriticalSection
SetLastError
InterlockedIncrement
GetCursorPos
GetMonitorInfoW
SetTimer
MonitorFromPoint
LoadStringW
KillTimer
SetForegroundWindow
SetWindowPos
DestroyWindow
Number of PE resources by type
RT_ICON 23
RT_GROUP_ICON 8
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 28
NEUTRAL 5
PE resources
ExifTool file metadata
ProductShortName COMODO Internet Security
SubsystemVersion 5.0
OfficialBuild 0
InitializedDataSize 352768
ImageVersion 0.0
ProductName COMODO Internet Security
FileVersionNumber 26.0.1410.43
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x0017
CharacterSet Unicode
LinkerVersion 9.0
FileTypeExtension exe
OriginalFileName bsm_chrome.exe
MIMEType application/octet-stream
Subsystem Windows GUI
CompanyShortName COMODO
FileVersion 26.0.1410.43
TimeStamp 2016:10:26 20:20:10+01:00
FileType Win32 EXE
PEType PE32
InternalName bsm_chrome.exe
ProductVersion 26.0.1410.43
FileDescription COMODO Internet Security
OSVersion 5.0
FileOS Win32
LegalCopyright 2005-2013 COMODO. All rights reserved
MachineType Intel 386 or later, and compatibles
CompanyName COMODO Security Solutions
CodeSize 29696
FileSubtype 0
ProductVersionNumber 26.0.1410.43
LastChange 189671
EntryPoint 0x3ee5
ObjectFileType Executable application
File identification
MD5 cfa73d7307a6f5161e96b8beb496502f
SHA1 8ff15b2664a7cee359a8c2e1a5c29771fe0495fd
SHA256 1a81f679ba3333601b58decd760fad056d9342023643dc0ec3f426ca66673e0f
ssdeep 6144:DBbszLv41Bl/lu6xy9g91Lnk/GGGGGSGGGGSGGGGG:D5sLAlk6xyC3zk
authentihash 1f998852e412ba638a3c0128aada3d5c8016b0db869b1fdb9295e7f8d3c34bc9
imphash 602a836f233913d48f63c38af320ce0f
File size 283.0 KB ( 289792 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2016-10-29 13:09:42 UTC ( 2 years, 3 months ago )
Last submission 2016-10-29 13:09:42 UTC ( 2 years, 3 months ago )
File names bsm_chrome.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications