SHA256: 2c5fcff58cc0a265524bff74fa331ab796b44c80ffbe729f2542500e6db81139
File name: 3997fb337cd0c160fd079558c68e4d9f
Detection ratio: 48 / 58
Analysis date: 2016-08-31 10:17:02 UTC ( 2 years, 5 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Symmi.52616 20160831
AegisLab Troj.W32.Bublik.dtyv!c 20160831
AhnLab-V3 Trojan/Win32.MDA.N1585400524 20160831
ALYac Gen:Variant.Symmi.52616 20160831
Antiy-AVL Trojan/Win32.Bublik 20160831
Arcabit Trojan.Symmi.DCD88 20160831
Avast Win32:Dorder-AH [Trj] 20160831
AVG Crypt4.AXLH 20160831
Avira (no cloud) TR/Dropper.A.5331 20160831
AVware Trojan.Win32.Generic!BT 20160831
BitDefender Gen:Variant.Symmi.52616 20160831
Bkav W32.VariantBublikD.Trojan 20160831
CAT-QuickHeal Ransom.Cryptodef.S4 20160831
Comodo UnclassifiedMalware 20160831
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20160725
Cyren W32/Agent.XL.gen!Eldorado 20160831
DrWeb Trojan.Siggen.65341 20160831
Emsisoft Gen:Variant.Symmi.52616 (B) 20160831
ESET-NOD32 a variant of Win32/Kryptik.DMXI 20160831
F-Prot W32/Agent.XL.gen!Eldorado 20160831
F-Secure Gen:Variant.Symmi.52616 20160831
Fortinet W32/Kryptik.DMXI!tr 20160831
GData Gen:Variant.Symmi.52616 20160831
Ikarus Trojan.Win32.Crypt 20160831
Sophos ML virtool.win32.ceeinject.gf 20160830
Jiangmin Trojan/Yakes.xea 20160831
K7AntiVirus Trojan ( 004c76be1 ) 20160831
K7GW Trojan ( 004c76be1 ) 20160831
Kaspersky HEUR:Trojan.Win32.Generic 20160831
Malwarebytes Backdoor.Bot 20160831
McAfee Artemis!3997FB337CD0 20160831
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.dh 20160831
Microsoft Trojan:Win32/Bulta!rfn 20160831
eScan Gen:Variant.Symmi.52616 20160831
NANO-Antivirus Trojan.Win32.Yakes.dtasjk 20160831
Panda Trj/Genetic.gen 20160831
Qihoo-360 HEUR/QVM10.1.Malware.Gen 20160831
Rising Malware.Generic!9ngud1Z4EkK@1 (thunder) 20160831
Sophos AV Troj/Wonton-SO 20160831
Symantec Trojan.Gen.2 20160831
Tencent Win32.Trojan.Kryptik.Llrj 20160831
TheHacker Trojan/Kryptik.dmxi 20160829
VBA32 Trojan.Bublik 20160831
VIPRE Trojan.Win32.Generic!BT 20160831
ViRobot Trojan.Win32.S.Agent.256512.DM[h] 20160831
Yandex Trojan.Bublik!iMzzrjdhaNw 20160831
Zillya Trojan.Bublik.Win32.16724 20160831
Zoner Trojan.AgentWDCR 20160831
Alibaba 20160831
Baidu 20160831
ClamAV 20160831
CMC 20160830
Kingsoft 20160831
nProtect 20160831
SUPERAntiSpyware 20160831
TotalDefense 20160831
TrendMicro 20160831
TrendMicro-HouseCall 20160831
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product Dogecoin Core
File version 1.8.1
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-06-19 06:40:59
Entry Point 0x000211EC
Number of sections 3
PE sections
PE imports
RegDeleteKeyA
LookupPrivilegeNameW
RegReplaceKeyA
RegCloseKey
RegCreateKeyExA
NotifyChangeEventLog
RegQueryValueExA
AccessCheck
AccessCheckByType
RegSetValueExA
RegEnumValueA
GetNumberOfEventLogRecords
RegOpenKeyExA
RegEnumKeyA
RegDeleteValueA
InitializeSid
AddAccessDeniedAceEx
MapGenericMask
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
GetDeviceCaps
BeginPath
CreateBitmapIndirect
SetBkMode
CreateDCW
CreateBrushIndirect
CreateDIBitmap
CreateFontIndirectA
AbortPath
SelectObject
SetBkColor
CreateCompatibleDC
DeleteObject
SetTextColor
CopyEnhMetaFileA
GetStdHandle
GetConsoleOutputCP
GetFileAttributesA
WaitForSingleObject
GetExitCodeProcess
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
SetSystemTime
GetConsoleMode
GetLocaleInfoA
lstrcatA
ExpandEnvironmentStringsA
SetErrorMode
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetTempPathA
WideCharToMultiByte
GetProcAddress
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetFileAttributesA
FreeLibrary
MoveFileA
FindClose
InterlockedDecrement
GetProfileIntA
SetLastError
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
EnumSystemLocalesA
LoadLibraryExA
GetPrivateProfileStringA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
SetFilePointer
CreateThread
SetUnhandledExceptionFilter
MulDiv
GetSystemDirectoryA
TerminateProcess
SearchPathW
WriteConsoleA
GlobalAlloc
SearchPathA
GetVersion
LeaveCriticalSection
SetCurrentDirectoryA
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
lstrcmpiA
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetFileSize
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetFullPathNameA
GetUserDefaultLCID
lstrcmpA
FindFirstFileA
GetCurrentThreadId
GetDiskFreeSpaceA
GetTempFileNameA
FindNextFileA
IsValidLocale
GlobalLock
CopyFileA
WriteProfileSectionW
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetLastError
LCMapStringW
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
GlobalUnlock
RemoveDirectoryA
GetShortPathNameA
GetEnvironmentStrings
CompareFileTime
WritePrivateProfileStringA
GetCurrentProcessId
SetFileTime
GetCPInfo
HeapSize
GetCommandLineA
RaiseException
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
lstrcpynA
GetACP
GetModuleHandleW
CreateProcessA
IsValidCodePage
HeapCreate
VirtualFree
Sleep
VirtualAlloc
glRecti
glGetLightiv
glIndexsv
glTexGeni
glNormal3s
glRasterPos3sv
glPixelTransferf
glEndList
SHGetFileInfoA
ExtractIconA
ShellExecuteExA
SHBrowseForFolderA
ExtractIconExA
DragAcceptFiles
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetPathFromIDListA
ShellExecuteA
SHFileOperationA
DdeSetQualityOfService
EmptyClipboard
EnumWindowStationsA
GetOpenClipboardWindow
CreateDialogParamA
CharPrevA
SwitchDesktop
EndDialog
BeginPaint
CreateAcceleratorTableW
LoadImageA
PostQuitMessage
DefWindowProcA
GetMessagePos
SetClassLongA
FillRect
LoadBitmapA
SetWindowPos
EndPaint
GetSystemMetrics
IsWindow
AppendMenuA
GetWindowRect
DispatchMessageA
RegisterClassA
SetDlgItemTextA
MessageBoxIndirectA
CallWindowProcA
GetDlgItemTextA
CreateWindowExA
PeekMessageA
IsCharAlphaA
AdjustWindowRectEx
IsWindowEnabled
SetMenuItemInfoW
CheckDlgButton
GetTabbedTextExtentW
SetWindowLongA
FindWindowExA
AnimateWindow
SystemParametersInfoA
CreatePopupMenu
wvsprintfA
wsprintfA
DialogBoxParamA
SetClipboardData
IsWindowVisible
GetClassInfoA
SetForegroundWindow
GetClientRect
SetTimer
GetDlgItem
AllowSetForegroundWindow
CreateWindowStationW
DrawTextA
EnableMenuItem
ScreenToClient
SendMessageA
InvalidateRect
LoadAcceleratorsA
GetWindowLongA
SendMessageTimeoutA
GetSysColor
LoadCursorA
TrackPopupMenu
SetWindowTextA
FlashWindow
ShowWindow
OpenClipboard
CharNextA
GetDesktopWindow
GetDialogBaseUnits
GetSystemMenu
GetDC
EnableWindow
CloseClipboard
DestroyWindow
ExitWindowsEx
SetCursor
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
OleQueryLinkFromData
CoQueryClientBlanket
OleInitialize
OleNoteObjectVisible
OleSaveToStream
CoCreateInstance
OleUninitialize
CoLoadLibrary
OleSetMenuDescriptor
CreatePointerMoniker
CoTaskMemFree
StgIsStorageFile
Number of PE resources by type
RT_STRING 4
RT_MANIFEST 1
RT_VERSION 1
RT_HTML 1
Number of PE resources by language
NEUTRAL 5
LITHUANIAN 1
FRENCH LUXEMBOURG 1
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 9.0
ImageVersion 0.0
CompanyWebsite http://www.dogecoin.com/
FileSubtype 0
FileVersionNumber 1.8.1.0
LanguageCode Neutral
FileFlagsMask 0x0000
CharacterSet ASCII
InitializedDataSize 255488
EntryPoint 0x211ec
MIMEType application/octet-stream
FileVersion 1.8.1
TimeStamp 2015:06:19 06:40:59+00:00
FileType Win32 EXE
PEType PE32
ProductVersion 1.8.1
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Dogecoin project
CodeSize 0
ProductName Dogecoin Core
ProductVersionNumber 1.8.1.0
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 3997fb337cd0c160fd079558c68e4d9f
SHA1 a1e3d7cfb5bcaf1ecf752f9c512574df33d7c411
SHA256 2c5fcff58cc0a265524bff74fa331ab796b44c80ffbe729f2542500e6db81139
ssdeep 6144:zAOk8od0aWBpQCnJ/nmQ0lG2ZT21aM4ip:zurOaWBpQC50llC1Pf
authentihash 7ae33c6a5296b6f835ec8c6a08bde70227e079fa3349683e0e0a7615729d3927
imphash e9624df627846b701fcb723dd582a5ec
File size 250.5 KB ( 256512 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win64 Executable (generic) (76.4%)
Win32 Executable (generic) (12.4%)
Generic Win/DOS Executable (5.5%)
DOS Executable Generic (5.5%)
Tags peexe

VirusTotal metadata
First submission 2015-06-30 09:50:18 UTC ( 3 years, 7 months ago )
Last submission 2015-06-30 09:50:18 UTC ( 3 years, 7 months ago )
File names 2C5FCFF58CC0A265524BFF74FA331AB796B44C80FFBE729F2542500E6DB81139.EXE
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Copied files
Deleted files
Code injections in the following processes
Created mutexes
Runtime DLLs