SHA256: 2437f7fd698d48f464634951c7a70ec27c86d898809de42c7c5d96a7cfccd5b3
File name: OViLQKDS.exe
Detection ratio: 16 / 56
Analysis date: 2016-06-10 22:00:33 UTC ( 1 year, 4 months ago )
| Antivirus | Result | Update |
|---|---|---|
| Avast | Win32:Malware-gen | 20160610 |
| AVG | Atros3.BHIX | 20160610 |
| Avira (no cloud) | TR/Spy.Banker.kxqm | 20160610 |
| ClamAV | Win.Trojan.R-105 | 20160610 |
| DrWeb | Trojan.Siggen6.61862 | 20160610 |
| ESET-NOD32 | a variant of MSIL/Spy.Banker.DH | 20160610 |
| Fortinet | W32/Agent.DH!tr | 20160610 |
| Ikarus | Trojan.MSIL.Spy | 20160610 |
| Kaspersky | Trojan-Banker.MSIL.Agent.yf | 20160610 |
| McAfee | Artemis!CEED55518F22 | 20160610 |
| McAfee-GW-Edition | Artemis | 20160610 |
| NANO-Antivirus | Trojan.Win32.Agent.dztahk | 20160610 |
| Panda | Trj/GdSda.A | 20160610 |
| Qihoo-360 | HEUR/QVM03.0.Malware.Gen | 20160610 |
| Rising | Malware.Generic!1PfaJr0FOvN@d (Thunder) | 20160610 |
| Sophos AV | Mal/Generic-S | 20160610 |
| Ad-Aware | | 20160610 |
| AegisLab | | 20160610 |
| AhnLab-V3 | | 20160610 |
| Alibaba | | 20160608 |
| ALYac | | 20160610 |
| Antiy-AVL | | 20160610 |
| Arcabit | | 20160610 |
| AVware | | 20160610 |
| Baidu | | 20160608 |
| Baidu-International | | 20160606 |
| BitDefender | | 20160610 |
| Bkav | | 20160610 |
| CAT-QuickHeal | | 20160610 |
| CMC | | 20160607 |
| Comodo | | 20160610 |
| Cyren | | 20160610 |
| Emsisoft | | 20160610 |
| F-Prot | | 20160610 |
| F-Secure | | 20160610 |
| GData | | 20160610 |
| Jiangmin | | 20160610 |
| K7AntiVirus | | 20160610 |
| K7GW | | 20160610 |
| Kingsoft | | 20160610 |
| Malwarebytes | | 20160610 |
| Microsoft | | 20160610 |
| eScan | | 20160610 |
| nProtect | | 20160610 |
| SUPERAntiSpyware | | 20160610 |
| Symantec | | 20160610 |
| Tencent | | 20160610 |
| TheHacker | | 20160610 |
| TrendMicro | | 20160610 |
| TrendMicro-HouseCall | | 20160610 |
| VBA32 | | 20160610 |
| VIPRE | | 20160610 |
| ViRobot | | 20160610 |
| Yandex | | 20160609 |
| Zillya | | 20160610 |
| Zoner | | 20160610 |
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright ADGDD02
Product ADGDD02
Original name DRBOYY0906.exe
Internal name DRBOYY0906.exe
File version 1.0.0.0
Description ADGDD02
Comments ADGDD02
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-06-09 07:54:51
Entry Point 0x0014924E
Number of sections 4
.NET details
Module Version ID 3ec03ecc-741d-4a13-a31e-2378ea4d7798
TypeLib ID 26b08084-0e2c-47e4-bcfd-8f92c0637c83
PE sections
Overlays
MD5 93b885adfe0da089cdf634904fd59f71
File type ASCII text
Offset 1345536
Size 1
Entropy 0.00
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 5
PE resources
Debug information
ExifTool file metadata
LegalTrademarks ADGDD02
SubsystemVersion 4.0
Comments ADGDD02
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.0.0.0
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription ADGDD02
CharacterSet Unicode
InitializedDataSize 4096
EntryPoint 0x14924e
OriginalFileName DRBOYY0906.exe
MIMEType application/octet-stream
LegalCopyright ADGDD02
FileVersion 1.0.0.0
TimeStamp 2016:06:09 08:54:51+01:00
FileType Win32 EXE
PEType PE32
InternalName DRBOYY0906.exe
ProductVersion 1.0.0.0
UninitializedDataSize 0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName ADGDD02
CodeSize 1340416
ProductName ADGDD02
ProductVersionNumber 1.0.0.0
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 1.0.0.0

File identification
MD5 ceed55518f228045044c9cca39d3f1c0
SHA1 bf58f348784c066f06cbf0e3836c0a092fd9e318
SHA256 2437f7fd698d48f464634951c7a70ec27c86d898809de42c7c5d96a7cfccd5b3
ssdeep 24576:K0ph949GM4ss2NGmpBnd+rxqTaMCMSuOIKDI2Dhf4hMDPsxcq:K0phGf4qNG4Bnd+rxqffjKLU2
authentihash 77ecb983e7c4cf420ac1e72be6c8a81c842948a2f58669f43d709f055be9f24f
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 1.3 MB ( 1345537 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Generic CIL Executable (.NET, Mono, etc.) (45.1%)
Win32 Executable MS Visual C++ (generic) (19.2%)
Win64 Executable (generic) (17.0%)
Windows screen saver (8.0%)
Win32 Dynamic Link Library (generic) (4.0%)
Tags peexe assembly overlay
VirusTotal metadata
First submission 2016-06-10 18:12:43 UTC ( 1 year, 4 months ago )
Last submission 2016-06-13 05:45:23 UTC ( 1 year, 4 months ago )
File names OViLQKDS.exe
DRBOYY0906.exe