SHA256: 236cb09549ae51e7fa55db30b100e24f37db388dc44fb718645f669b836bceba
File name: image_main.png
Detection ratio: 16 / 66
Analysis date: 2017-10-05 08:40:24 UTC ( 1 year, 5 months ago )
Antivirus Result Update
Avast FileRepMalware 20171005
AVG FileRepMalware 20171005
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9998 20170930
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170804
Cylance Unsafe 20171005
Endgame malicious (high confidence) 20170821
Fortinet W32/Kryptik.FXEG!tr 20171005
Sophos ML heuristic 20170914
McAfee Ransomware-GFS!2888CE54BE73 20171005
Qihoo-360 HEUR/QVM19.1.4C30.Malware.Gen 20171005
Sophos AV Mal/Elenoocka-E 20171005
Symantec Ransom.Locky.B 20171005
TrendMicro Ransom_CERBER.SMALY0 20171005
TrendMicro-HouseCall Ransom_CERBER.SMALY0 20171005
Webroot W32.Trojan.Gen 20171005
WhiteArmor Malware.HighConfidence 20170927
Ad-Aware 20171005
AegisLab 20171005
AhnLab-V3 20171004
Alibaba 20170911
ALYac 20171005
Antiy-AVL 20171005
Arcabit 20171005
Avast-Mobile 20171005
Avira (no cloud) 20171005
AVware 20171005
BitDefender 20171005
Bkav 20171004
CAT-QuickHeal 20171005
ClamAV 20171005
CMC 20171004
Comodo 20171005
Cyren 20171005
DrWeb 20171005
Emsisoft 20171005
ESET-NOD32 20171005
F-Prot 20171005
F-Secure 20171005
GData 20171005
Ikarus 20171005
Jiangmin 20171005
K7AntiVirus 20171005
K7GW 20171005
Kaspersky 20171005
Kingsoft 20171005
Malwarebytes 20171005
MAX 20171005
McAfee-GW-Edition 20171005
Microsoft 20171005
eScan 20171005
NANO-Antivirus 20171005
nProtect 20171005
Palo Alto Networks (Known Signatures) 20171005
Panda 20171004
Rising 20171005
SentinelOne (Static ML) 20171001
SUPERAntiSpyware 20171005
Symantec Mobile Insight 20171005
Tencent 20171005
TheHacker 20171002
TotalDefense 20171005
Trustlook 20171005
VBA32 20171004
VIPRE 20171005
ViRobot 20171005
Yandex 20171004
Zillya 20171004
ZoneAlarm by Check Point 20171005
Zoner 20171005
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-03-25 09:43:35
Entry Point 0x0000B7BF
Number of sections 4
PE sections
PE imports
Ctl3dGetVer
Ctl3dEnabled
SystemTimeToFileTime
GetFileAttributesA
WaitForSingleObject
CreateJobObjectW
GetTickCount
LoadLibraryA
GetLocalTime
GetCurrentDirectoryW
GetPrivateProfileStringA
lstrcatA
GetCommandLineW
GetProcAddress
GetProcessHeap
CreateFileMappingW
GetModuleHandleA
GlobalAddAtomA
CreateSemaphoreW
CreateMutexW
OpenMutexW
CreateWaitableTimerA
FindFirstFileW
CreateProcessA
CreateEventW
OpenEventW
ReadConsoleW
FindResourceA
GetEnvironmentVariableW
InsertMenuA
GetMessageA
LoadCursorA
LoadIconA
wsprintfA
DispatchMessageA
LoadMenuA
DrawStateA
CreateWindowExW
PostMessageW
LoadBitmapA
Number of PE resources by type
RT_GROUP_CURSOR 5
RT_STRING 1
Number of PE resources by language
ENGLISH US 6
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2014:03:25 10:43:35+01:00
FileType Win32 EXE
PEType PE32
CodeSize 66048
LinkerVersion 8.0
EntryPoint 0xb7bf
InitializedDataSize 23552
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0

File identification
MD5 2888ce54be73dc9c761f60d16ed75112
SHA1 ee8f468ec4d958781860cb50ebbb94a5650798f8
SHA256 236cb09549ae51e7fa55db30b100e24f37db388dc44fb718645f669b836bceba
ssdeep 3072:8HrokNWRcnCUY0BxBlAldA3LXEZnPcz2Qaem8fbY8u6okr/A:8HroktcAx30ZnPcnaybFNok

authentihash e67386e4873bddbe9e1728aab5e4b04e9566b3550a2df300db6e067fdb8795cf
imphash 27b0f77fe356f48dcac73d0e7916921d
File size 215.5 KB ( 220672 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.3%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe

VirusTotal metadata
First submission 2017-10-05 08:40:24 UTC ( 1 year, 5 months ago )
Last submission 2017-10-05 08:40:24 UTC ( 1 year, 5 months ago )
File names image_main.png
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created mutexes
Opened mutexes
Runtime DLLs
DNS requests
TCP connections
UDP communications