× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 2cebef9127696fe448ff3502708301afe4c492b5b2254950e240ad21c6a6f614
File name: AUSPOST_92876.bin
Detection ratio: 3 / 56
Analysis date: 2016-04-29 01:06:20 UTC ( 2 years, 10 months ago ) View latest
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.151026.9950.9960 20160428
Kaspersky UDS:DangerousObject.Multi.Generic 20160428
Qihoo-360 HEUR/QVM20.1.Malware.Gen 20160429
Ad-Aware 20160429
AegisLab 20160428
AhnLab-V3 20160428
Alibaba 20160428
ALYac 20160429
Antiy-AVL 20160429
Arcabit 20160429
Avast 20160429
AVG 20160429
Avira (no cloud) 20160429
AVware 20160429
Baidu-International 20160428
BitDefender 20160429
Bkav 20160428
CAT-QuickHeal 20160428
ClamAV 20160429
CMC 20160428
Comodo 20160429
Cyren 20160429
DrWeb 20160429
Emsisoft 20160429
ESET-NOD32 20160428
F-Prot 20160429
F-Secure 20160429
Fortinet 20160428
GData 20160429
Ikarus 20160428
Jiangmin 20160428
K7AntiVirus 20160428
K7GW 20160428
Kingsoft 20160429
Malwarebytes 20160428
McAfee 20160428
McAfee-GW-Edition 20160428
Microsoft 20160428
eScan 20160428
NANO-Antivirus 20160428
nProtect 20160428
Panda 20160428
Rising 20160428
Sophos AV 20160428
SUPERAntiSpyware 20160428
Symantec 20160428
Tencent 20160429
TheHacker 20160429
TrendMicro 20160429
TrendMicro-HouseCall 20160429
VBA32 20160428
VIPRE 20160429
ViRobot 20160429
Yandex 20160428
Zillya 20160428
Zoner 20160428
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2015 Lamantine Software a.s.

Internal name spLauncher
File version 8.0.4.34
Description Sticky Password
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-04-29 23:43:09
Entry Point 0x00001370
Number of sections 4
PE sections
PE imports
RegQueryValueExW
RegOpenKeyW
CreatePatternBrush
SetMetaRgn
CreateHalftonePalette
DeleteColorSpace
GetTextCharset
EndPath
VirtualAlloc
GetModuleHandleW
GetDlgCtrlID
LoadIconA
IsGUIThread
LoadCursorW
CloseWindow
GetKeyState
Number of PE resources by type
RT_ICON 7
RT_STRING 5
RT_RCDATA 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 15
NEUTRAL 2
PE resources
ExifTool file metadata
LegalTrademarks
> OriginalFilename

assexe
@ProductName

LinkerVersion
9.0

ImageVersion
0.0

ckyPassword
6 ProductVersion

FileVersionNumber
8.0.4.34

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
Sticky Password

CharacterSet
Windows, Latin1

InitializedDataSize
197120

Tag434
THomepage

EntryPoint
0x1370

MIMEType
application/octet-stream

LegalCopyright
Copyright 2015 Lamantine Software a.s.

FileVersion
8.0.4.34

TimeStamp
2016:04:30 00:43:09+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
spLauncher

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Lam antine Software a.s.

CodeSize
414208

FileSubtype
0

ProductVersionNumber
8.0.4.34

FileTypeExtension
exe

ObjectFileType
Executable application

pwwwstickypasswordcom
D

File identification
MD5 c6fd8d3901be3be4f4eda5c1e5550bb0
SHA1 0ba763ef29f683a2c1790ccf390573fcb3bb253b
SHA256 2cebef9127696fe448ff3502708301afe4c492b5b2254950e240ad21c6a6f614
ssdeep
6144:TU9l1U/LiKNokEXddPI5WyzlA58LRuf8bH66VjuHf4kummnI8Q1B1M:A93iiTv6WyzC6kf8m6QHf4md

authentihash 79404aa610661572bf2ac7148b03c33a77ddb7c11984e1097a05b128056f6f73
imphash 8404e2813ebfb2b231734724a37a69a5
File size 597.5 KB ( 611840 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags
peexe

VirusTotal metadata
First submission 2016-04-29 00:24:28 UTC ( 2 years, 10 months ago )
Last submission 2016-04-29 01:06:20 UTC ( 2 years, 10 months ago )
File names spLauncher
yqokujix.exe
AUSPOST_92876.bin
AUSPOST_92876.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications