× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 23c954b66a43ebdab3973d93a8ec0572641081520ec25619083dd1371718ff13
File name: 1412us.exe
Detection ratio: 42 / 67
Analysis date: 2017-12-23 02:36:49 UTC ( 1 year, 4 months ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Zusy.270608 20171223
AegisLab Troj.W32.Mansabo!c 20171223
Antiy-AVL Trojan/Win32.TSGeneric 20171222
Arcabit Trojan.Johnnie.D14925 20171222
Avast FileRepMalware 20171222
AVG FileRepMalware 20171222
Avira (no cloud) TR/AD.Inject.kaqff 20171223
AVware Trojan.Win32.Generic!BT 20171222
BitDefender Gen:Variant.Zusy.270608 20171222
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20171016
Cybereason malicious.bd29b3 20171103
Cylance Unsafe 20171223
Cyren W32/Trojan.GOBP-6362 20171222
DrWeb Trojan.Trick.45194 20171222
Emsisoft Gen:Variant.Zusy.270608 (B) 20171222
Endgame malicious (high confidence) 20171130
ESET-NOD32 a variant of Win32/GenKryptik.BJPC 20171223
F-Secure Gen:Variant.Johnnie.84261 20171222
Fortinet W32/Injector.DDNM!tr 20171223
Ikarus Trojan.Win32.Krypt 20171222
Sophos ML heuristic 20170914
K7AntiVirus Trojan ( 0052155a1 ) 20171222
K7GW Trojan ( 0052155a1 ) 20171222
Kaspersky Trojan.Win32.Mansabo.ans 20171223
Malwarebytes Trojan.TrickBot 20171223
MAX malware (ai score=73) 20171223
McAfee RDN/Generic.grp 20171223
McAfee-GW-Edition BehavesLike.Win32.Generic.fh 20171223
Microsoft Trojan:Win32/Totbrick.H 20171223
eScan Gen:Variant.Zusy.270608 20171223
Palo Alto Networks (Known Signatures) generic.ml 20171223
Panda Generic Malware 20171222
SentinelOne (Static ML) static engine - malicious 20171207
Sophos AV Mal/TrickVB-A 20171223
Symantec Trojan.Gen 20171222
Tencent Win32.Trojan.Inject.Auto 20171223
TrendMicro TROJ_GEN.R002C0DLM17 20171223
TrendMicro-HouseCall TROJ_GEN.R002C0DLM17 20171223
VIPRE Trojan.Win32.Generic!BT 20171223
ViRobot Trojan.Win32.Z.Johnnie.372736.N 20171222
Webroot W32.Malware.Gen 20171223
ZoneAlarm by Check Point Trojan.Win32.Mansabo.ans 20171223
AhnLab-V3 20171222
Alibaba 20171222
ALYac 20171223
Avast-Mobile 20171222
Baidu 20171222
Bkav 20171222
CAT-QuickHeal 20171222
ClamAV 20171222
CMC 20171222
Comodo 20171222
eGambit 20171223
F-Prot 20171223
Jiangmin 20171221
Kingsoft 20171223
NANO-Antivirus 20171223
nProtect 20171223
Qihoo-360 20171223
Rising 20171223
SUPERAntiSpyware 20171222
Symantec Mobile Insight 20171222
TheHacker 20171219
TotalDefense 20171222
Trustlook 20171223
VBA32 20171222
WhiteArmor 20171204
Yandex 20171222
Zillya 20171222
Zoner 20171223
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Necip is a Turkish given name for males

Product TickTest
Original name TickTest.exe
Internal name TickTest
File version 7.00
Description Sair Necip Fazil Kisakьrek tarafindan yazilan tьm siirler..
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-12-21 13:30:48
Entry Point 0x00001454
Number of sections 3
PE sections
PE imports
_adj_fdivr_m64
Ord(546)
__vbaGenerateBoundsError
_allmul
EVENT_SINK_Invoke
_adj_fprem
__vbaAryMove
__vbaUI1Var
__vbaVarAnd
__vbaRedim
Ord(537)
_adj_fdiv_r
__vbaObjSetAddref
Ord(100)
__vbaHresultCheckObj
_CIlog
__vbaVarMul
_adj_fptan
__vbaFileClose
__vbaLineInputStr
Ord(306)
__vbaFreeStr
__vbaStrI2
__vbaFreeStrList
__vbaI2I4
_adj_fdiv_m16i
EVENT_SINK_QueryInterface
Ord(689)
Ord(648)
__vbaI4Str
__vbaRedimPreserve
_adj_fdiv_m32i
__vbaExceptHandler
__vbaSetSystemError
DllFunctionCall
Zombie_GetTypeInfoCount
__vbaFileOpen
__vbaUbound
Ord(611)
__vbaFreeVar
__vbaPowerR8
Ord(571)
__vbaUI1I2
_CIsqrt
EVENT_SINK_Release
Ord(593)
_adj_fdivr_m32i
__vbaStrCat
__vbaChkstk
__vbaStrCmp
__vbaAryUnlock
Ord(661)
__vbaFreeObjList
__vbaVarCmpGt
EVENT_SINK_GetIDsOfNames
__vbaVar2Vec
__vbaFreeVarList
Zombie_GetTypeInfo
__vbaAryConstruct2
__vbaFreeObj
__vbaVarCopy
__vbaStrVarVal
Ord(690)
_CIcos
__vbaVarMove
__vbaErrorOverflow
__vbaNew2
__vbaR8IntI4
__vbaAryDestruct
__vbaStrMove
_adj_fprem1
_adj_fdiv_m32
Ord(594)
_adj_fpatan
EVENT_SINK_AddRef
Ord(300)
Ord(645)
__vbaFPException
_adj_fdivr_m16i
__vbaVarAdd
_adj_fdiv_m64
__vbaUI1I4
_CIsin
__vbaAryLock
_adj_fdivr_m32
_CIatan
__vbaObjSet
_CIexp
_CItan
__vbaFpI4
Ord(598)
Number of PE resources by type
RT_ICON 3
B_GRIPS13 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 4
ENGLISH US 1
GERMAN LUXEMBOURG 1
PE resources
ExifTool file metadata
CodeSize
53248

SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
7.0

FileSubtype
0

FileVersionNumber
7.0.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
Sair Necip Fazil Kisak rek tarafindan yazilan t m siirler..

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Unicode

InitializedDataSize
315392

EntryPoint
0x1454

OriginalFileName
TickTest.exe

MIMEType
application/octet-stream

LegalCopyright
Necip is a Turkish given name for males

FileVersion
7.0

TimeStamp
2017:12:21 14:30:48+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
TickTest

ProductVersion
7.0

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Ahmet Necip

LegalTrademarks
TickTest

ProductName
TickTest

ProductVersionNumber
7.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 ca9b724985ba547501c253751afbc2df
SHA1 b7ec604bd29b32564bc8c7641012b0146eb7cdf9
SHA256 23c954b66a43ebdab3973d93a8ec0572641081520ec25619083dd1371718ff13
ssdeep
6144:Pg/lgmkvWCMVSbMjtUuxbMlWp+dl1Wcb6+dHe+axjGqbZsZZxhkg/8:Pg/XbVSI7glPlrtZaxiqbZsZZxKg/8

authentihash 69c0603e3783cb1823cbb0d2955ea36f95f49984952aa7bfecce83a687f33d77
imphash 55a9a6585210691dc286bd39308658a6
File size 364.0 KB ( 372736 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Microsoft Visual Basic 6 (82.7%)
Win32 Dynamic Link Library (generic) (6.6%)
Win32 Executable (generic) (4.5%)
OS/2 Executable (generic) (2.0%)
Generic Win/DOS Executable (2.0%)
Tags
peexe

VirusTotal metadata
First submission 2017-12-21 17:30:06 UTC ( 1 year, 4 months ago )
Last submission 2018-05-28 17:36:36 UTC ( 11 months ago )
File names 1002-b7ec604bd29b32564bc8c7641012b0146eb7cdf9
TickTest.exe
1412us.exe
TickTest
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!