SHA256: 1ce9e7bb4073dbad35868b4da3d49c5e81dcb485d015b43256e052fdfe36bc86
File name: drugvokrug-dlyakompa-znaemsoft-ru.exe
Detection ratio: 24 / 52
Analysis date: 2014-11-09 10:56:27 UTC ( 3 years, 7 months ago )
Antivirus Result Update
Ad-Aware Gen:Heur.Krypt.12 20141109
Antiy-AVL RiskWare[Downloader:not-a-virus]/Win32.Plocust 20141109
Avast Win32:LoadMoney-JU [PUP] 20141109
AVG Win32/Cryptor 20141109
Avira (no cloud) APPL/Downloader.Gen7 20141109
AVware Trojan.Win32.Generic.pak!cobra 20141109
BitDefender Gen:Heur.Krypt.12 20141109
Comodo Application.Win32.LoadMoney.LST 20141109
DrWeb Trojan.LoadMoney.364 20141109
Emsisoft Gen:Heur.Krypt.12 (B) 20141109
F-Secure Gen:Heur.Krypt.12 20141109
GData Gen:Heur.Krypt.12 20141109
Ikarus Trojan.Win32.Crypt 20141109
Kaspersky not-a-virus:Downloader.Win32.Plocust.mzsp 20141109
Malwarebytes PUP.Optional.LoadMoney 20141109
McAfee Packed-CQ 20141109
McAfee-GW-Edition BehavesLike.Win32.Packed.gh 20141109
Microsoft TrojanDownloader:Win32/Ogimant.gen!C 20141109
eScan Gen:Heur.Krypt.12 20141105
NANO-Antivirus Trojan.Win32.Plocust.diedks 20141109
Norman Kryptik.CDIC 20141109
Rising PE:Malware.XPACK-HIE/Heur!1.9C48 20141108
VBA32 Malware-Cryptor.Limpopo 20141108
VIPRE Trojan.Win32.Generic.pak!cobra 20141109
AegisLab 20141109
Yandex 20141108
AhnLab-V3 20141109
Baidu-International 20141107
Bkav 20141107
ByteHero 20141109
CAT-QuickHeal 20141108
ClamAV 20141109
CMC 20141107
Cyren 20141109
F-Prot 20141108
Fortinet 20141108
Jiangmin 20141108
K7AntiVirus 20141107
K7GW 20141107
Kingsoft 20141109
nProtect 20141107
Qihoo-360 20141109
Sophos AV 20141109
SUPERAntiSpyware 20141108
Symantec 20141109
Tencent 20141109
TheHacker 20141107
TotalDefense 20141109
TrendMicro-HouseCall 20141109
ViRobot 20141109
Zillya 20141107
Zoner 20141107
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright 2013 Bunndle, Inc. All rights reserved.

Publisher Bunndle, Inc.
Product Bunndle Stand-Alone Offer Manager, OM 2.4.0.0, 2013-09-18 11:24
Original name BunndleOfferManager
Internal name BunndleOfferManager
File version 1.0.0.4
Description Bunndle Stand-Alone Offer Manager
Packers identified
F-PROT embedded
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x0000170B
Number of sections 6
PE sections
PE imports
SetThreadLocale
WriteProfileStringA
CreateJobObjectA
GetDriveTypeW
GetVolumePathNameA
CreateDirectoryExW
SetThreadPriorityBoost
ScrollConsoleScreenBufferW
GetFileAttributesW
VerifyVersionInfoW
CreatePipe
RtlZeroMemory
MapViewOfFileEx
VirtualLock
lstrcatW
ReadFileScatter
EnumResourceLanguagesW
GetCommModemStatus
GetTempPathA
SystemTimeToTzSpecificLocalTime
FindActCtxSectionStringA
EnumCalendarInfoExW
FindNextVolumeMountPointW
IsBadHugeReadPtr
GetCompressedFileSizeA
GlobalMemoryStatusEx
SetComputerNameA
EnumCalendarInfoExA
WriteConsoleOutputW
GetProfileIntW
TransmitCommChar
ConnectNamedPipe
InitAtomTable
Heap32Next
ReadConsoleInputExW
FindFirstVolumeMountPointW
FatalExit
GetProfileIntA
SetFileAttributesW
GetStringTypeExA
SetLastError
VerLanguageNameA
ReadConsoleInputA
CopyFileW
SuspendThread
CancelTimerQueueTimer
ReplaceFile
WriteTapemark
HeapAlloc
CreateMailslotA
FindNextVolumeW
OpenWaitableTimerA
SetCalendarInfoA
CopyLZFile
EnumSystemLocalesW
SetFileShortNameA
FatalAppExitA
SetFilePointerEx
SetProcessAffinityMask
GetVolumeNameForVolumeMountPointA
GlobalAddAtomW
EraseTape
LocalFlags
MoveFileExW
RtlCaptureStackBackTrace
GlobalAddAtomA
SetCalendarInfoW
ConvertDefaultLocale
GetSystemDirectoryA
TzSpecificLocalTimeToSystemTime
GlobalUnWire
GetDiskFreeSpaceExA
SetCurrentDirectoryW
SearchPathA
ChangeTimerQueueTimer
ReadConsoleW
GetModuleHandleA
HeapFree
SetHandleCount
GetOEMCP
CreateJobSet
GetVersionExA
EndUpdateResourceA
RtlUnwind
DosDateTimeToFileTime
SetHandleInformation
GetNamedPipeHandleStateA
CreateDirectoryA
SetProcessPriorityBoost
GetDateFormatW
GetStartupInfoW
GetUserDefaultLCID
GetNamedPipeHandleStateW
AddAtomW
SetSystemTimeAdjustment
GetComputerNameW
WaitNamedPipeW
EnumDateFormatsExA
lstrcmpA
FindNextFileW
GlobalFix
WaitNamedPipeA
GetThreadSelectorEntry
CreateMemoryResourceNotification
GetProcessWorkingSetSize
FindNextFileA
WaitForMultipleObjects
lstrcmpi
OpenJobObjectW
GetNumberOfConsoleInputEvents
PrepareTape
GetCurrencyFormatW
FindFirstVolumeW
OpenJobObjectA
Heap32ListFirst
CreateWaitableTimerW
CreateNamedPipeW
GetEnvironmentStringsA
GlobalGetAtomNameA
IsDBCSLeadByte
LockFile
lstrlenW
GetUserGeoID
SwitchToThread
WritePrivateProfileStringA
CopyFileExA
HeapQueryInformation
ClearCommBreak
AddConsoleAliasW
RegisterWaitForSingleObject
GetConsoleTitleA
GetCommandLineA
GetCurrentThread
lstrcpynW
GetSystemDefaultLangID
RaiseException
GetGeoInfoA
HeapUnlock
SetSystemPowerState
GlobalFlags
CreateSocketHandle
DeleteAtom
FindFirstFileA
lstrcpynA
PeekConsoleInputA
DeleteVolumeMountPointA
GetConsoleInputWaitHandle
IsBadHugeWritePtr
WriteConsoleOutputCharacterW
IsValidCodePage
GetDefaultCommConfigW
CreateProcessW
RtlMoveMemory
Sleep
LZClose
GetProfileStringA
SetComputerNameExW
SetFocus
ChangeDisplaySettingsW
GetMessagePos
PrivateExtractIconExW
DrawTextW
DrawStateA
EnumWindowStationsA
DestroyMenu
DialogBoxParamW
SetSystemCursor
PostQuitMessage
EnumDesktopsA
ValidateRect
GetClipboardViewer
OemToCharBuffA
GrayStringW
SetDeskWallpaper
EndPaint
SetMenuItemInfoA
GrayStringA
WindowFromPoint
GetInputDesktop
GetMessageTime
DispatchMessageW
GetAsyncKeyState
DrawTextA
GetDlgCtrlID
GetClipCursor
GetMenu
DlgDirSelectExA
ReleaseDC
SendMessageA
GetClassInfoW
SetMenuDefaultItem
MessageBoxIndirectW
CharPrevExA
CallNextHookEx
CharPrevW
GetWindowTextLengthA
CopyAcceleratorTableA
GetKeyboardState
AlignRects
BlockInput
DrawFrame
GetActiveWindow
RegisterHotKey
GetUpdateRgn
SendMessageCallbackW
EnumClipboardFormats
FlashWindowEx
GetWindowTextLengthW
GetMenuBarInfo
LoadAcceleratorsW
ScrollWindow
InvalidateRgn
GetMenuContextHelpId
ShowCursor
GetUserObjectInformationW
GetParent
MapDialogRect
SystemParametersInfoA
SetWindowsHookW
RegisterWindowMessageA
CallMsgFilterA
GetMenuState
CreateCaret
GetClassInfoExA
BroadcastSystemMessageW
SetMenuInfo
DrawFrameControl
GetNextDlgGroupItem
SetWindowWord
SetWindowsHookA
SetInternalWindowPos
ValidateRgn
PeekMessageW
ChangeDisplaySettingsExW
EnableWindow
SetWindowPlacement
GetDlgItemTextA
PeekMessageA
IsCharAlphaA
TranslateMessage
IsWindowEnabled
GetDlgItemTextW
ActivateKeyboardLayout
GetTabbedTextExtentW
GetMenuItemRect
BroadcastSystemMessageExW
OpenDesktopW
AllowForegroundActivation
IsZoomed
GetWindowPlacement
WindowFromDC
DrawMenuBar
EnumPropsExA
EnableMenuItem
BroadcastSystemMessageExA
OpenDesktopA
GetSubMenu
OemToCharA
LoadKeyboardLayoutEx
GetKeyboardLayout
FlashWindow
CreateAcceleratorTableW
WaitForInputIdle
GetWindowRgnBox
EnumDesktopWindows
EnumPropsW
ToUnicode
TabbedTextOutW
GetWindowLongW
DefFrameProcA
CharNextW
GetWindowContextHelpId
IsChild
MapWindowPoints
CharPrevA
GetMonitorInfoW
OffsetRect
GetScrollPos
CopyIcon
GetKeyboardLayoutNameW
GetMonitorInfoA
SendNotifyMessageW
SetMenuContextHelpId
TranslateAcceleratorW
SetSysColors
GetClassInfoExW
SendDlgItemMessageA
GetSystemMetrics
IsIconic
SetScrollRange
InvertRect
PostMessageA
IsDialogMessageW
SetProcessWindowStation
WaitMessage
CreatePopupMenu
CheckMenuItem
ChildWindowFromPointEx
GetTitleBarInfo
GetForegroundWindow
CharUpperBuffW
SetWindowTextW
GetDlgItem
BringWindowToTop
EnumDisplaySettingsA
TrackPopupMenu
SetParent
IsDlgButtonChecked
TileChildWindows
DestroyAcceleratorTable
GetDesktopWindow
CreateIconFromResource
LoadCursorW
GetMenuItemID
InsertMenuW
DrawCaptionTempW
PostThreadMessageA
OpenClipboard
GetScrollBarInfo
CharLowerBuffW
DrawTextExW
GetDlgItemInt
PrivateExtractIconsW
CreateIconIndirect
CreateDialogIndirectParamA
EndTask
PrivateExtractIconsA
LoadMenuW
DrawTextExA
RemoveMenu
wvsprintfW
ScrollChildren
SendMessageW
MenuWindowProcA
SetMenu
MessageBoxIndirectA
MoveWindow
SetDlgItemInt
LoadKeyboardLayoutW
GetPropA
CascadeWindows
CascadeChildWindows
AdjustWindowRectEx
MessageBoxExW
LoadCursorFromFileW
LoadKeyboardLayoutA
TranslateMessageEx
CreateIcon
RegisterClipboardFormatW
SetScrollInfo
RegisterClassExA
GetWindowRgn
MenuItemFromPoint
SetClassWord
EnumDisplayMonitors
OemKeyScan
WinHelpW
SetDoubleClickTime
CreateMDIWindowA
GetWindowThreadProcessId
SetCursorPos
IsCharAlphaNumericW
GetClipboardFormatNameA
MonitorFromWindow
RealGetWindowClassA
InvalidateRect
AnimateWindow
wsprintfA
GetKeyboardType
GetCaretPos
ModifyMenuW
UnregisterDeviceNotification
GetClassNameA
GetFocus
ModifyMenuA
GetAncestor
SetCursor
SetSecurityDescriptorOwner
ConvertStringSecurityDescriptorToSecurityDescriptorW
TreeResetNamedSecurityInfoW
OpenServiceW
CryptSetProviderA
TraceMessageVa
AccessCheckByTypeAndAuditAlarmA
CloseServiceHandle
CredReadDomainCredentialsW
ConvertStringSidToSidW
GetSecurityDescriptorGroup
LsaCreateSecret
BuildTrusteeWithObjectsAndSidW
SetFileSecurityA
TrusteeAccessToObjectA
RegLoadKeyA
AreAllAccessesGranted
QueryAllTracesA
SaferiRecordEventLogEntry
ImpersonateNamedPipeClient
TraceMessage
RegDeleteValueW
GetCurrentHwProfileA
GetEffectiveRightsFromAclA
MD5Init
DrawInsert
PropertySheetW
ImageList_Read
CreateStatusWindow
FlatSB_SetScrollRange
MakeDragList
ImageList_GetImageRect
CreatePropertySheetPage
ImageList_GetImageCount
DestroyPropertySheetPage
ImageList_SetOverlayImage
DrawStatusText
InitMUILanguage
ImageList_GetIconSize
CreateToolbar
ImageList_GetFlags
ImageList_GetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_Duplicate
ImageList_LoadImageW
ImageList_LoadImageA
CreatePropertySheetPageW
CreateStatusWindowA
ImageList_Copy
FlatSB_EnableScrollBar
ImageList_EndDrag
CreatePipe
GlobalAlloc
QueryPerformanceFrequency
LoadLibraryA
VirtualQuery
GetCaretPos
UpdateWindow
VerLanguageNameA
GetFileVersionInfoA
VerFindFileW
VerQueryValueW
VerLanguageNameW
VerFindFileA
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerInstallFileW
VerQueryValueA
WTSVirtualChannelPurgeInput
WTSEnumerateSessionsA
WTSTerminateProcess
WTSVirtualChannelClose
WTSVirtualChannelPurgeOutput
WTSUnRegisterSessionNotification
WTSShutdownSystem
WTSLogoffSession
WTSSetUserConfigA
WTSSetSessionInformationA
WTSCloseServer
WTSSendMessageA
WTSFreeMemory
WTSRegisterSessionNotification
WTSQueryUserConfigW
WTSVirtualChannelWrite
WTSQuerySessionInformationA
WTSQueryUserToken
WTSEnumerateServersW
WTSVirtualChannelRead
WTSEnumerateProcessesW
WTSQuerySessionInformationW
WTSQueryUserConfigA
WTSEnumerateProcessesA
WTSVirtualChannelQuery
Number of PE resources by type
RT_DIALOG 5
RT_ICON 3
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 7
NEUTRAL 4
PE resources
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
46080

ImageVersion
0.0

ProductName
Bunndle Stand-Alone Offer Manager, OM 2.4.0.0, 2013-09-18 11:24

FileVersionNumber
1.0.0.4

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

LinkerVersion
2.25

OriginalFilename
BunndleOfferManager

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0.0.4

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
BunndleOfferManager

FileAccessDate
2014:11:09 11:57:48+01:00

ProductVersion
1.0.0.4

FileDescription
Bunndle Stand-Alone Offer Manager

OSVersion
4.0

FileCreateDate
2014:11:09 11:57:48+01:00

FileOS
Windows NT 32-bit

LegalCopyright
Copyright 2013 Bunndle, Inc. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
Bunndle, Inc.

CodeSize
418816

FileSubtype
0

ProductVersionNumber
1.0.0.4

EntryPoint
0x170b

ObjectFileType
Dynamic link library

File identification
MD5 6712801889017c9cf1f81dfbe8fd1dc6
SHA1 0253c603801fd7eada1af0af20bdb5c07f4de5a2
SHA256 1ce9e7bb4073dbad35868b4da3d49c5e81dcb485d015b43256e052fdfe36bc86
ssdeep
6144:+8Z7/Z5g9VzLaXOPo4w/mytCrPwF4VjjG2macQHGWL3jmUHy1i1Q6CqlWc6rfVRj:H7/TgQT2XmacQHFv1Q6ccMAgg

authentihash df31cdfdee291cc421045d56e2593f9572e6dd2789be568d299e969cebf17ca7
imphash b2f7c5ac8352b64bcd8a3f53ce3bd832
File size 455.0 KB ( 465920 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.3%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2014-11-09 10:56:27 UTC ( 3 years, 7 months ago )
Last submission 2014-11-09 10:56:27 UTC ( 3 years, 7 months ago )
File names drugvokrug-dlyakompa-znaemsoft-ru.exe
BunndleOfferManager
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
HTTP requests
DNS requests
TCP connections