SHA256: 25e67ea08a917540dc67a1b49dd1a1c7b1a07e4785ce63812a2d222c698a3044
File name: Anal_Porn_Movie_162.mpeg.exe
Detection ratio: 17 / 43
Analysis date: 2011-07-07 14:32:28 UTC ( 2 years, 9 months ago )
Antivirus Result Update
AntiVir TR/FakeRean.323584.33 20110707
BitDefender Trojan.Generic.KDV.281357 20110707
CAT-QuickHeal (Suspicious) - DNAScan 20110707
DrWeb Trojan.Fakealert.22773 20110707
Emsisoft Trojan.Fakealert!IK 20110707
F-Secure Trojan.Generic.KDV.281357 20110707
GData Trojan.Generic.KDV.281357 20110707
Ikarus Trojan.Fakealert 20110707
McAfee FakeAlert-Rena.p 20110707
McAfee-GW-Edition FakeAlert-Rena.p 20110707
Microsoft Rogue:Win32/FakeRean 20110707
NOD32 a variant of Win32/Kryptik.PZX 20110707
Panda Trj/CI.A 20110707
Sophos Mal/FakeAV-MQ 20110707
TrendMicro Cryp_FakeAV-54 20110707
TrendMicro-HouseCall Cryp_FakeAV-54 20110707
VIPRE Trojan.Win32.Generic.pak!cobra 20110707
AVG 20110707
AhnLab-V3 20110707
Antiy-AVL 20110707
Avast 20110707
Avast5 20110707
ClamAV 20110707
Commtouch 20110707
Comodo 20110707
F-Prot 20110706
Fortinet 20110707
Jiangmin 20110706
K7AntiVirus 20110706
Kaspersky 20110707
Norman 20110707
PCTools 20110707
Prevx 20110707
Rising 20110707
SUPERAntiSpyware 20110707
Symantec 20110707
TheHacker 20110707
VBA32 20110707
ViRobot 20110707
VirusBuster 20110707
eSafe 20110707
eTrust-Vet 20110707
nProtect 20110707
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-06-16 00:45:21
Link date 1:45 AM 6/16/2011
Entry Point 0x0000728D
Number of sections 5
PE sections
PE imports
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW
CopySid
AdjustTokenPrivileges
LookupPrivilegeValueW
RegOpenKeyExW
LsaNtStatusToWinError
RegQueryValueExW
LsaOpenPolicy
ConvertStringSecurityDescriptorToSecurityDescriptorW
OpenProcessToken
LsaClose
RegEnumKeyW
GetSecurityDescriptorOwner
RegOpenKeyW
GetTokenInformation
IsValidSid
GetSecurityDescriptorDacl
RegEnumKeyExW
GetLengthSid
LsaQueryInformationPolicy
LsaFreeMemory
RegSetValueExW
FreeSid
AllocateAndInitializeSid
EqualSid
SetNamedSecurityInfoW
GetVolumePathNameW
GetDriveTypeW
ReleaseMutex
FileTimeToSystemTime
WaitForSingleObject
GetFileAttributesW
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
GetVolumeInformationW
GetLocaleInfoW
GetFileTime
WideCharToMultiByte
GetDiskFreeSpaceW
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetExitCodeProcess
LocalFree
FormatMessageW
InitializeCriticalSection
GetLogicalDriveStringsW
FindClose
InterlockedDecrement
MoveFileW
SetFileAttributesW
WritePrivateProfileStringW
SetLastError
GetSystemTime
GetUserDefaultLangID
RemoveDirectoryW
HeapAlloc
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
GetPrivateProfileStringW
CreateThread
GetSystemDirectoryW
GetExitCodeThread
SetUnhandledExceptionFilter
CreateMutexW
TerminateProcess
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
HeapFree
EnterCriticalSection
GetVersionExW
SetEvent
QueryPerformanceCounter
GetTickCount
DisableThreadLibraryCalls
lstrcmpiW
FreeLibrary
GetWindowsDirectoryW
GetFileSize
CreateDirectoryW
DeleteFileW
WaitForMultipleObjects
GetPrivateProfileIntW
GetProcessHeap
CreateFileMappingW
CompareStringW
ExpandEnvironmentStringsW
FindNextFileW
ResetEvent
FindFirstFileW
lstrcmpW
GetProcAddress
CreateEventW
CreateFileW
GetFileType
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
GetSystemInfo
lstrlenA
GlobalFree
lstrlenW
CompareFileTime
GetCurrentProcessId
SetFileTime
InterlockedCompareExchange
GetCurrentThread
lstrcpynW
GetSystemDefaultLangID
MapViewOfFile
SetFilePointer
ReadFile
CloseHandle
GetModuleHandleW
GetFileAttributesExW
UnmapViewOfFile
CreateProcessW
Sleep
CompareStringA
SysAllocString
SysFreeString
VariantClear
VariantInit
SysStringLen
SHGetMalloc
ShellExecuteW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFolderPathW
StrCmpW
StrChrW
PathIsRelativeW
StrRChrW
PathStripToRootW
StrCmpIW
StrStrIW
PathIsUNCW
UrlCombineW
PathFindExtensionW
StrToIntExW
UrlGetPartW
PathIsRootW
StrToIntW
PathRemoveBackslashW
GetWindowThreadProcessId
CharLowerA
CharNextW
PeekMessageW
SendMessageW
GetActiveWindow
CharUpperW
MsgWaitForMultipleObjects
TranslateMessage
PostMessageW
CharUpperA
GetKeyboardType
ExitWindowsEx
DispatchMessageW
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
InternetCrackUrlW
InternetQueryOptionA
InternetGetConnectedState
InternetCanonicalizeUrlW
EnumPrinterDriversW
CertGetCertificateContextProperty
CryptHashPublicKeyInfo
CoUninitialize
CoInitialize
CoCreateGuid
CoCreateInstance
StringFromCLSID
CoTaskMemFree
CoSetProxyBlanket
CM_Get_DevNode_Registry_PropertyW
SetupDiOpenDevRegKey
SetupOpenInfFileW
SetupCloseFileQueue
SetupCloseInfFile
SetupDiDestroyDeviceInfoList
SetupDiSetSelectedDriverW
SetupDiGetDriverInstallParamsW
SetupDiInstallDriverFiles
CM_Locate_DevNodeW
SetupDiBuildDriverInfoList
SetupDiEnumDriverInfoW
CM_Get_DevNode_Status
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceInstallParamsW
SetupScanFileQueueW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiGetDeviceInstanceIdW
SetupFindFirstLineW
SetupDiGetDeviceRegistryPropertyW
SetupOpenFileQueue
SetupDiCreateDeviceInfoList
SetupGetStringFieldW
SetupDiOpenDeviceInfoW
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
MUI 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 4
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2011:06:16 01:45:21+01:00
FileType Win32 EXE
PEType PE32
CodeSize 77824
LinkerVersion 5.0
FileAccessDate 2014:03:16 06:34:14+01:00
EntryPoint 0x728d
InitializedDataSize 2019328
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
FileCreateDate 2014:03:16 06:34:14+01:00
UninitializedDataSize 0

File identification
MD5 65670922c4520b3f10559c23d1555f0a
SHA1 884bdf2cdcb7b09a097502409113ff9c0b8f747a
SHA256 25e67ea08a917540dc67a1b49dd1a1c7b1a07e4785ce63812a2d222c698a3044
ssdeep 6144:D2vZd+CFqHNx4nw20OLAC84ZT0ZKyIUoTFX/gogK8Rw7qbhvOxL:D2RCtEw2nAL4ZT0ZKXZT5gPKH6dOx
imphash e342a77bd471033a6f1efdf4ac30dd22
File size 316.0 KB ( 323584 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe
VirusTotal metadata
First submission 2011-07-07 08:17:44 UTC ( 2 years, 9 months ago )
Last submission 2014-03-16 05:33:06 UTC ( 1 month, 1 week ago )
File names 7F15C10A00FF1355F04D04375CBEE50020353AED.exe
Latinas_Porn_Movie_114.mpeg.exe
65670922c4520b3f10559c23d1555f0a.exe
65670922c4520b3f10559c23d1555f0a884bdf2cdcb7b09a097502409113ff9c0b8f747a323584.exe
65670922c4520b3f10559c23d1555f0a
adobeflashplayerv10.2.152.32.exe
Anal_Porn_Movie_162.mpeg.exe
smona_25e67ea08a917540dc67a1b49dd1a1c7b1a07e4785ce63812a2d222c698a3044.bin