SHA256: 2d17f375a5af63057798c1e3da685b72c8d8483494193060ac00cde6a81c38a0
File name: ucacjjip.exe
Detection ratio: 7 / 53
Analysis date: 2016-08-16 13:56:49 UTC ( 2 years, 7 months ago )
Antivirus Result Update
Avast Win32:Malware-gen 20160816
AVware Trojan.Win32.Generic.pak!cobra 20160816
Baidu Win32.Trojan.Kryptik.anp 20160816
Kaspersky UDS:DangerousObject.Multi.Generic 20160816
Qihoo-360 HEUR/QVM20.1.0000.Malware.Gen 20160816
Rising Malware.XPACK-HIE/Heur!1.9C48 20160816
VIPRE Trojan.Win32.Generic.pak!cobra 20160816
Ad-Aware 20160816
AegisLab 20160816
AhnLab-V3 20160816
Alibaba 20160816
ALYac 20160816
Antiy-AVL 20160816
Arcabit 20160816
AVG 20160816
Avira (no cloud) 20160816
BitDefender 20160816
Bkav 20160816
CAT-QuickHeal 20160816
ClamAV 20160816
CMC 20160816
Comodo 20160816
Cyren 20160816
DrWeb 20160816
Emsisoft 20160816
ESET-NOD32 20160816
F-Prot 20160816
F-Secure 20160816
Fortinet 20160816
GData 20160816
Ikarus 20160816
Jiangmin 20160816
K7AntiVirus 20160816
K7GW 20160816
Kingsoft 20160816
Malwarebytes 20160816
McAfee 20160816
McAfee-GW-Edition 20160816
Microsoft 20160816
eScan 20160816
NANO-Antivirus 20160816
nProtect 20160812
Panda 20160816
Sophos AV 20160816
SUPERAntiSpyware 20160816
Symantec 20160816
Tencent 20160816
TheHacker 20160814
TrendMicro 20160816
TrendMicro-HouseCall 20160816
VBA32 20160816
ViRobot 20160816
Zillya 20160815
Zoner 20160816
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2006-2010 Christian Ghisler
Internal name Totalcmd-idmin
File version 1, 0, 0, 5
Description Total Commander idministrator Tool
Comments Tool used interna lly by Total Commander, do not start directly!
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-08-17 13:45:11
Entry Point 0x00057930
Number of sections 4
PE sections
PE imports
RegCloseKey
GetFileSecurityW
RegQueryValueExA
RegOpenKeyW
SetFileSecurityW
ImageList_GetImageCount
InitCommonControlsEx
ImageList_Destroy
_TrackMouseEvent
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_Remove
ImageList_Create
ImageList_DrawEx
ImageList_GetIcon
ImageList_LoadImageW
SetMapMode
GetWindowOrgEx
CreateMetaFileA
GetNearestColor
GetPaletteEntries
CombineRgn
PlayMetaFile
GetROP2
GetViewportOrgEx
GetObjectType
CreateMetaFileW
SetColorAdjustment
GetBoundsRect
SetLayout
SetPixel
EndDoc
IntersectClipRect
CloseMetaFile
OffsetWindowOrgEx
CreateEllipticRgn
CreatePalette
CreateDIBitmap
GetPolyFillMode
GetDIBits
SetTextAlign
StretchBlt
StretchDIBits
ScaleViewportExtEx
ArcTo
SetWindowExtEx
SetViewportExtEx
ExtCreatePen
SetBkColor
GetBkColor
SetRectRgn
GetTextCharsetInfo
GetSystemPaletteEntries
OffsetRgn
GetCurrentPositionEx
CreateRectRgnIndirect
LPtoDP
GetPixel
GetLayout
PolyDraw
ExcludeClipRect
OffsetViewportOrgEx
SetBkMode
PtInRegion
OffsetClipRgn
BitBlt
FillRgn
SetAbortProc
FrameRgn
SelectPalette
PtVisible
ExtSelectClipRgn
SetViewportOrgEx
ScaleWindowExtEx
SetROP2
EndPage
GetNearestPaletteIndex
SetDIBColorTable
CancelDC
GetTextColor
Escape
DeleteObject
SetGraphicsMode
PlayMetaFileRecord
GetWindowExtEx
PatBlt
CreatePen
GetClipBox
Rectangle
PolylineTo
GetDeviceCaps
PlayEnhMetaFile
LineTo
DeleteDC
SetWorldTransform
GetMapMode
EnumMetaFile
StartPage
RealizePalette
CreateHatchBrush
CreatePatternBrush
SetPaletteEntries
SelectClipPath
RectVisible
GetStockObject
GetBkMode
UnrealizeObject
SelectClipRgn
RoundRect
GetTextAlign
SetWindowOrgEx
SelectObject
GetViewportExtEx
SetTextCharacterExtra
CreateDIBPatternBrushPt
CreatePolygonRgn
Polygon
CreateHalftonePalette
GetRgnBox
SaveDC
ModifyWorldTransform
RestoreDC
SetMapperFlags
CreateSolidBrush
CreateBitmap
CreateDIBSection
SetTextColor
ExtFloodFill
GetCurrentObject
MoveToEx
SetPixelV
SetArcDirection
CreateRoundRectRgn
CreateCompatibleDC
PolyBezierTo
SetStretchBltMode
SetBrushOrgEx
CreateRectRgn
GetClipRgn
SetPolyFillMode
CreateCompatibleBitmap
SetTextJustification
GetStretchBltMode
Polyline
DPtoLP
AbortDoc
Ellipse
DeleteMetaFile
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
GetStdHandle
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
DeactivateActCtx
WaitForSingleObject
HeapDestroy
EncodePointer
ReplaceFileW
GetFileAttributesW
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
SetErrorMode
GetFileInformationByHandle
GetThreadContext
SetStdHandle
GetFileTime
IsDBCSLeadByteEx
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
ReleaseActCtx
HeapReAlloc
GetFullPathNameA
GetOEMCP
LocalFree
ResumeThread
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
InterlockedDecrement
GetCurrentThread
SetLastError
GetUserDefaultUILanguage
PeekNamedPipe
LocalLock
WriteProcessMemory
IsDebuggerPresent
HeapAlloc
HeapSetInformation
EnumSystemLocalesA
CreateActCtxW
SetThreadPriority
GetUserDefaultLCID
AllocConsole
ActivateActCtx
UnhandledExceptionFilter
TlsGetValue
FatalAppExitA
FlushInstructionCache
GetModuleHandleA
CreateThread
GetSystemDefaultUILanguage
GetExitCodeThread
GlobalAddAtomA
SetUnhandledExceptionFilter
ConvertDefaultLocale
MulDiv
IsProcessorFeaturePresent
ExitThread
DecodePointer
SetEnvironmentVariableA
SetThreadContext
GlobalMemoryStatus
VirtualQuery
LocalFileTimeToFileTime
SetEndOfFile
GetVersion
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
SetEvent
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
FreeLibrary
GlobalSize
UnlockFile
GetFileSize
WaitForMultipleObjects
GetProcessHeap
GetFileSizeEx
GlobalReAlloc
lstrcmpA
ResetEvent
IsValidLocale
DuplicateHandle
FindFirstFileExW
GlobalLock
GlobalAlloc
GetTimeZoneInformation
GetFileType
TlsSetValue
ExitProcess
LocalUnlock
InterlockedIncrement
GetLastError
LocalReAlloc
SystemTimeToFileTime
GlobalDeleteAtom
HeapCreate
GetSystemInfo
lstrlenA
GlobalFree
GetConsoleCP
GetThreadLocale
GlobalUnlock
IsDBCSLeadByte
LockFile
FileTimeToLocalFileTime
SizeofResource
GetCurrentProcessId
LockResource
SetFileTime
GetCommandLineW
HeapQueryInformation
HeapSize
InterlockedCompareExchange
IsBadReadPtr
SuspendThread
RaiseException
ReleaseSemaphore
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
GetACP
GetCurrentThreadId
FreeResource
UnmapViewOfFile
VirtualFree
Sleep
TerminateProcess
SetConsoleCtrlHandler
VirtualAlloc
CompareStringA
SHGetFolderPathW
SHAddToRecentDocs
DragFinish
SHGetSpecialFolderLocation
SHAppBarMessage
SHGetDesktopFolder
SHCreateDirectoryExW
SHGetMalloc
PathIsNetworkPathW
SHDeleteKeyW
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
StrStrIW
PathFindExtensionW
PathStripToRootW
PathRemoveExtensionW
RedrawWindow
GetMessagePos
SetWindowRgn
SetMenuItemBitmaps
DestroyWindow
MoveWindow
EnableScrollBar
DestroyMenu
PostQuitMessage
GetForegroundWindow
SetWindowPos
SetScrollPos
IsWindow
EndPaint
ScrollWindowEx
WindowFromPoint
DrawIcon
GetMessageTime
SetActiveWindow
GetMenuItemID
GetCursorPos
MapDialogRect
GetDlgCtrlID
GetMenu
SendMessageA
GetClientRect
SetWindowContextHelpId
SetMenuDefaultItem
GetNextDlgTabItem
InSendMessage
CallNextHookEx
MsgWaitForMultipleObjectsEx
TrackPopupMenu
ClientToScreen
GetTopWindow
LockWindowUpdate
ScrollWindow
InvalidateRgn
CopyImage
PtInRect
DrawEdge
GetParent
UpdateWindow
EqualRect
ShowScrollBar
CheckRadioButton
ShowWindow
GetCaretPos
DrawFrameControl
GetNextDlgGroupItem
GetMenuState
TranslateMDISysAccel
SetWindowPlacement
LoadIconW
TranslateMessage
IsWindowEnabled
GetWindow
GetMenuDefaultItem
GetDlgItemInt
GetMenuBarInfo
GetIconInfo
SetParent
SetClipboardData
IsZoomed
GetWindowPlacement
CloseWindow
DrawMenuBar
IsIconic
InvertRect
TrackPopupMenuEx
GetSubMenu
SetTimer
GetActiveWindow
GetKeyboardLayout
FillRect
MonitorFromPoint
CopyRect
WaitForInputIdle
DeferWindowPos
GetDialogBaseUnits
RealChildWindowFromPoint
CreateMenu
GetUpdateRect
OpenClipboard
IsChild
SetFocus
EmptyClipboard
BeginPaint
OffsetRect
GetScrollPos
CopyIcon
KillTimer
GetComboBoxInfo
ToAsciiEx
MapWindowPoints
ToUnicodeEx
SendDlgItemMessageA
GetSystemMetrics
EnableMenuItem
SetScrollRange
GetWindowRect
InflateRect
SetCapture
ReleaseCapture
EnumChildWindows
GetScrollRange
EndDialog
WaitMessage
CreatePopupMenu
CheckMenuItem
DrawFocusRect
GetTitleBarInfo
DrawIconEx
GetDCEx
GetDlgItem
GetMenuCheckMarkDimensions
BringWindowToTop
ScreenToClient
GetKeyboardState
GetMenuItemCount
IsDlgButtonChecked
DestroyAcceleratorTable
CheckDlgButton
SetDlgItemInt
ShowOwnedPopups
LoadCursorW
GetSystemMenu
ReuseDDElParam
GetDC
SetForegroundWindow
NotifyWinEvent
WindowFromDC
GetAsyncKeyState
ReleaseDC
IntersectRect
SetLayeredWindowAttributes
GetScrollInfo
HideCaret
SendInput
GetCapture
MessageBeep
RemoveMenu
GetWindowThreadProcessId
GetSysColorBrush
BeginDeferWindowPos
SetMenu
SetRectEmpty
GetWindowDC
DestroyCursor
AdjustWindowRectEx
GetSysColor
GetLastActivePopup
SetScrollInfo
GetKeyState
EndDeferWindowPos
GetWindowRgn
UpdateLayeredWindow
GetDoubleClickTime
DestroyIcon
EnumDisplayMonitors
IsWindowVisible
GetDesktopWindow
SubtractRect
UnpackDDElParam
SetCursorPos
UnionRect
MonitorFromWindow
FrameRect
SetRect
DeleteMenu
InvalidateRect
ValidateRect
IsRectEmpty
IsMenu
GetFocus
CloseClipboard
UnhookWindowsHookEx
SetCursor
_except_handler3
_cexit
_c_exit
_wcsicmp
__wgetmainargs
_exit
_adjust_fdiv
__setusermatherr
__p__commode
__p__fmode
wcslen
_controlfp
wcscspn
__initenv
exit
_XcptFilter
__getmainargs
_initterm
towupper
__winitenv
__set_app_type
OleUninitialize
CoUninitialize
OleCreateFromData
OleTranslateAccelerator
OleCreateMenuDescriptor
OleLockRunning
OleDestroyMenuDescriptor
DoDragDrop
StgOpenStorageOnILockBytes
StgCreateDocfile
OleDuplicateData
CoInitialize
CoTreatAsClass
StringFromGUID2
OleInitialize
ReadClassStg
CreateStreamOnHGlobal
CreateItemMoniker
StringFromCLSID
ReleaseStgMedium
OleRegGetMiscStatus
SetConvertStg
OleCreateStaticFromData
GetHGlobalFromILockBytes
OleCreateFromFile
CLSIDFromProgID
RevokeDragDrop
OleSave
CoRegisterMessageFilter
CoCreateGuid
OleCreateLinkFromData
ReadFmtUserTypeStg
OleGetClipboard
OleLoad
OleCreate
CreateOleAdviseHolder
CreateILockBytesOnHGlobal
CoGetMalloc
CoRegisterClassObject
OleRegGetUserType
CoGetClassObject
CoLockObjectExternal
CoCreateInstance
OleRegEnumVerbs
StgOpenStorage
OleGetIconOfClass
OleRun
PropVariantCopy
OleQueryCreateFromData
CoTaskMemAlloc
CoInitializeEx
OleQueryLinkFromData
CoTaskMemFree
CreateDataAdviseHolder
StgIsStorageFile
StgCreateDocfileOnILockBytes
IsAccelerator
OleSaveToStream
OleCreateLinkToFile
OleIsRunning
WriteClassStg
CoRevokeClassObject
CoFreeUnusedLibraries
GetRunningObjectTable
OleFlushClipboard
CreateBindCtx
CreateFileMoniker
CoDisconnectObject
OleSetMenuDescriptor
CreateGenericComposite
OleSetContainedObject
OleIsCurrentClipboard
WriteClassStm
OleSetClipboard
RegisterDragDrop
WriteFmtUserTypeStg
CLSIDFromString
Number of PE resources by type
RT_ICON 4
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
GERMAN SWISS 6
PE resources
ExifTool file metadata
LegalTrademarks
NOriginalFilename

ivateBuild
j%ProductName

Comments
Tool used interna lly by Total Commander, do not start directly!

LinkerVersion
9.0

ImageVersion
0.0

FileVersionNumber
1.0.0.5

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Total Commander idministrator Tool

CharacterSet
ASCII

ecialBuild
D

InitializedDataSize
256000

EntryPoint
0x57930

MIMEType
application/octet-stream

LegalCopyright
Copyright 2006-2010 Christian Ghisler

FileVersion
1, 0, 0, 5

TimeStamp
2016:08:17 14:45:11+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Totalcmd-idmin

SubsystemVersion
5.0

UninitializedDataSize
0

OSVersion
5.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Ghisler Software GmbH

CodeSize
355840

FileSubtype
0

ProductVersionNumber
1.0.0.5

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 b1628ad6d1fbac090482a67102903b0e
SHA1 acfcb9e46ec108c37707595fe3ff4ee0c2f5d469
SHA256 2d17f375a5af63057798c1e3da685b72c8d8483494193060ac00cde6a81c38a0
ssdeep
12288:36xvhMgMO7pQ9AKDqNGFSWanMrV+v24TnWECM:36xZfY1DqNBWanMZ+v0K

authentihash 33f9b6501d121c5445a25c1ac51c1086d27ff8bace108999ba9d8c3524cbaddb
imphash 0dfdaa0687675ea8ae6f9a37cfbb325d
File size 598.5 KB ( 612864 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe

VirusTotal metadata
First submission 2016-08-16 13:56:49 UTC ( 2 years, 7 months ago )
Last submission 2016-08-22 15:04:48 UTC ( 2 years, 7 months ago )
File names eremlhah.exe
ucacjjip.exe
Totalcmd-idmin
file[1].exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications