SHA256: 1dfb7cd5759f2d87260365d8cfd013c208438a1dc4c02a43dc388fdb18c1e489
File name: vt-upload-CfFqp
Detection ratio: 23 / 54
Analysis date: 2014-08-13 09:43:45 UTC ( 2 years, 7 months ago )
Antivirus Result Update
Ad-Aware Trojan.Generic.11610602 20140813
AhnLab-V3 Trojan/Win32.Llac 20140813
AntiVir TR/Spy.ZBot.aao.483 20140813
Antiy-AVL Trojan[:HEUR]/Win32.AGeneric 20140813
Avast Win32:Malware-gen 20140813
AVG Generic11_c.RPT 20140813
BitDefender Trojan.Generic.11610602 20140813
Emsisoft Trojan.Generic.11610602 (B) 20140813
ESET-NOD32 Win32/Spy.Zbot.AAO 20140813
F-Secure Trojan.Generic.11610602 20140813
Fortinet W32/Generic.AAO!tr 20140813
Ikarus Trojan.Win32.Armadillo 20140813
Kaspersky HEUR:Trojan.Win32.Generic 20140813
McAfee Artemis!174B4F4385F1 20140813
McAfee-GW-Edition Artemis!174B4F4385F1 20140812
eScan Trojan.Generic.11610602 20140813
NANO-Antivirus Trojan.Win32.Xtrat.dcjhuo 20140813
nProtect Trojan.Generic.11610602 20140813
Qihoo-360 Win32/Trojan.e6d 20140813
Sophos Mal/Generic-S 20140813
Tencent Win32.Trojan.Generic.Dxdj 20140813
TrendMicro-HouseCall TROJ_GEN.R011H07HA14 20140813
VBA32 TrojanDropper.VB 20140813
AegisLab 20140813
Yandex 20140812
AVware 20140813
Baidu-International 20140813
Bkav 20140812
ByteHero 20140813
CAT-QuickHeal 20140813
ClamAV 20140812
CMC 20140809
Commtouch 20140813
Comodo 20140813
DrWeb 20140813
F-Prot 20140813
GData 20140813
Jiangmin 20140813
K7AntiVirus 20140812
K7GW 20140812
Kingsoft 20140813
Malwarebytes 20140813
Microsoft 20140813
Norman 20140813
Panda 20140813
Rising 20140812
SUPERAntiSpyware 20140804
Symantec 20140813
TheHacker 20140812
TotalDefense 20140813
TrendMicro 20140813
VIPRE 20140813
ViRobot 20140813
Zoner 20140811
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright niLNtATb
Publisher chepH
Product IVuuW
Original name SXg47XrZAy.exe
Internal name SXg47XrZAy
File version 1.06.0008
Description Crgnxhroiyd
Comments AYpQqCy
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-04-26 09:12:37
Entry Point 0x0008D0BE
Number of sections 7
PE sections
PE imports
GetOpenFileNameA
GetSaveFileNameA
CreateDCA
DeleteDC
SelectObject
CreatePalette
CreateDIBitmap
SelectPalette
BitBlt
CreateCompatibleDC
DeleteObject
RealizePalette
FreeConsole
ReleaseMutex
WaitForSingleObject
HeapDestroy
SetFileTime
GetFileAttributesW
GetLocalTime
GetStdHandle
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
SetErrorMode
FreeEnvironmentStringsW
GetThreadContext
GetLocaleInfoW
SetStdHandle
GetFileTime
GetTempPathA
WideCharToMultiByte
WaitForDebugEvent
InterlockedExchange
GetTempPathW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetOEMCP
LocalFree
MoveFileA
ResumeThread
GetExitCodeProcess
GetEnvironmentVariableA
OutputDebugStringW
FindClose
TlsGetValue
FormatMessageA
GetFullPathNameW
OutputDebugStringA
SetLastError
DeviceIoControl
InitializeCriticalSection
CopyFileW
WriteProcessMemory
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
FlushFileBuffers
GetModuleFileNameA
EnumSystemLocalesA
GetPrivateProfileStringA
SetConsoleCtrlHandler
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
FatalAppExitA
SetFilePointerEx
CreateMutexA
GetModuleHandleA
GlobalAddAtomW
CreateDirectoryExW
CreateThread
MoveFileExW
GlobalAddAtomA
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
SetEnvironmentVariableA
SetThreadContext
TerminateProcess
SetCurrentDirectoryW
GlobalAlloc
DebugActiveProcess
SearchPathA
VirtualQueryEx
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
AreFileApisANSI
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GlobalGetAtomNameW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
GetVersionExA
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetDateFormatA
GetFileSize
LCMapStringW
DeleteFileA
GetWindowsDirectoryA
GetStartupInfoW
ReadProcessMemory
SetEvent
DeleteFileW
GetUserDefaultLCID
VirtualProtectEx
GetProcessHeap
GetTempFileNameW
CompareStringW
RemoveDirectoryW
GetFileInformationByHandle
FindNextFileW
CreateDirectoryW
GetTimeFormatA
GetTempFileNameA
CreateFileMappingA
FindFirstFileW
IsValidLocale
DuplicateHandle
GetProcAddress
GetTimeZoneInformation
CreateFileW
CreateEventA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
GlobalDeleteAtom
GetShortPathNameW
HeapCreate
GlobalFree
GetConsoleCP
GlobalGetAtomNameA
GetEnvironmentStringsW
GlobalUnlock
GetShortPathNameA
GetCurrentDirectoryW
WritePrivateProfileStringA
GetCurrentProcessId
GetDiskFreeSpaceExW
ContinueDebugEvent
GetCommandLineW
GetCPInfo
HeapSize
GetCommandLineA
InterlockedCompareExchange
GetCurrentThread
OpenMutexA
SuspendThread
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GlobalLock
GetModuleHandleW
GetFileAttributesExW
CreateProcessA
IsValidCodePage
UnmapViewOfFile
WriteFile
Sleep
IsBadReadPtr
SetThreadPriority
VirtualAlloc
SHGetSpecialFolderPathA
GetMessageA
PackDDElParam
UpdateWindow
SetPropA
BeginPaint
EnumWindows
DefWindowProcW
CreateDialogIndirectParamA
KillTimer
FindWindowA
DefWindowProcA
ShowWindow
GetPropA
GetWindowThreadProcessId
FreeDDElParam
GetSystemMetrics
IsWindow
DispatchMessageA
EndPaint
PostMessageA
MoveWindow
MessageBoxA
PeekMessageA
TranslateMessage
DialogBoxParamA
PostMessageW
RegisterClassExA
GetAsyncKeyState
DrawTextA
SetWindowTextA
SendMessageW
LoadStringA
RegisterClassW
SendMessageA
LoadStringW
SetTimer
GetDlgItem
CreateDialogParamA
RegisterClassA
InSendMessage
GetWindowTextLengthA
CreateWindowExA
LoadCursorA
DefDlgProcA
EnumThreadWindows
WaitForInputIdle
GetDesktopWindow
IsWindowUnicode
UnpackDDElParam
CreateWindowExW
GetWindowTextA
DestroyWindow
Number of PE resources by type
EXRQ 3
RT_ICON 3
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 5
NEUTRAL 4
PE resources
ExifTool file metadata
CodeSize 819200
SubsystemVersion 4.0
Comments AYpQqCy
LinkerVersion 83.82
ImageVersion 1.6
FileSubtype 0
FileVersionNumber 1.6.0.8
LanguageCode English (U.S.)
FileFlagsMask 0x0000
FileDescription Crgnxhroiyd
CharacterSet Unicode
InitializedDataSize 1282048
FileOS Win32
MIMEType application/octet-stream
LegalCopyright niLNtATb
FileVersion 1.06.0008
TimeStamp 2013:04:26 10:12:37+01:00
FileType Win32 EXE
PEType PE32
InternalName SXg47XrZAy
FileAccessDate 2014:08:13 10:34:01+01:00
ProductVersion 1.06.0008
UninitializedDataSize 0
OSVersion 4.0
FileCreateDate 2014:08:13 10:34:01+01:00
OriginalFilename SXg47XrZAy.exe
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName chepH
LegalTrademarks MRCJQg
ProductName IVuuW
ProductVersionNumber 1.6.0.8
EntryPoint 0x8d0be
ObjectFileType Executable application
File identification
MD5 174b4f4385f17d130ad7e409f5d70cf8
SHA1 1442c5f8bb2beaa133d687e6ee9dff6d1d131141
SHA256 1dfb7cd5759f2d87260365d8cfd013c208438a1dc4c02a43dc388fdb18c1e489
ssdeep 49152:4h7n9xiATiLMQzCwHgedk+PhO+gejl71Rh:q7SYQzXvk+Q+Vnh
imphash a9dfa3363d8e044cb38536d273bb593d
File size 2.0 MB ( 2106368 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags peexe
VirusTotal metadata
First submission 2014-08-13 09:43:45 UTC ( 2 years, 7 months ago )
Last submission 2014-08-13 09:43:45 UTC ( 2 years, 7 months ago )
File names vt-upload-CfFqp
SXg47XrZAy
SXg47XrZAy.exe