SHA256: 2fd5a4f33bdb8ddaa2e17db30a896472a467737f600bfd07ecdc3f9c7be82148
File name: EBook.exe
Detection ratio: 0 / 56
Analysis date: 2015-01-14 03:22:44 UTC ( 3 years, 7 months ago )
Antivirus Result Update
Ad-Aware 20150124
AegisLab 20150124
Yandex 20150124
AhnLab-V3 20150123
Alibaba 20150120
ALYac 20150124
Antiy-AVL 20150124
Avast 20150124
AVG 20150124
Avira (no cloud) 20150124
AVware 20150124
Baidu-International 20150123
BitDefender 20150124
Bkav 20150123
ByteHero 20150124
CAT-QuickHeal 20150123
ClamAV 20150124
CMC 20150124
Comodo 20150124
Cyren 20150124
DrWeb 20150124
Emsisoft 20150124
ESET-NOD32 20150124
F-Prot 20150124
F-Secure 20150124
Fortinet 20150124
GData 20150124
Ikarus 20150123
Jiangmin 20150123
K7AntiVirus 20150123
Kaspersky 20150124
Kingsoft 20150124
Malwarebytes 20150124
McAfee 20150124
McAfee-GW-Edition 20150124
Microsoft 20150124
eScan 20150124
NANO-Antivirus 20150124
Norman 20150123
nProtect 20150123
Panda 20150123
Qihoo-360 20150124
Rising 20150123
Sophos AV 20150124
SUPERAntiSpyware 20150124
Symantec 20150124
Tencent 20150124
TheHacker 20150123
TotalDefense 20150123
TrendMicro 20150124
TrendMicro-HouseCall 20150124
VBA32 20150123
VIPRE 20150124
ViRobot 20150124
Zillya 20150124
Zoner 20150123
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) Armand Morin, 2003
Publisher http://www.ebookgenerator.com
Product EBook Generator
Original name EBook.exe
File version 3, 0, 9, 26
Description EBook Viewer
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2003-10-10 10:38:02
Entry Point 0x0001DD91
Number of sections 6
PE sections
PE imports
RegDeleteKeyA
RegOpenKeyA
RegCloseKey
RegQueryValueA
RegQueryValueExA
RegSetValueA
RegSetValueExA
RegDeleteValueA
GetFileSecurityA
RegCreateKeyExA
RegCreateKeyA
RegOpenKeyExA
SetFileSecurityA
GetWindowExtEx
SetMapMode
SetBkMode
PatBlt
SaveDC
TextOutA
CreateFontIndirectA
GetTextMetricsA
CreateRectRgnIndirect
LPtoDP
CombineRgn
GetClipBox
GetDeviceCaps
ExcludeClipRect
OffsetViewportOrgEx
DeleteDC
RestoreDC
GetMapMode
SelectObject
IntersectClipRect
BitBlt
GetCharWidthA
RealizePalette
SetTextColor
DPtoLP
CreatePatternBrush
GetObjectA
RectVisible
CreateBitmap
CreateFontA
CreatePalette
GetStockObject
CreateDIBitmap
SetViewportOrgEx
SelectPalette
SetBkColor
ExtTextOutA
PtVisible
GetTextExtentPointA
SelectClipRgn
CreateCompatibleDC
StretchBlt
StretchDIBits
ScaleWindowExtEx
ScaleViewportExtEx
CreateRectRgn
DeleteObject
CreateCompatibleBitmap
SetWindowExtEx
GetTextColor
CreateSolidBrush
SetViewportExtEx
Escape
GetViewportExtEx
GetBkColor
SetRectRgn
GetStdHandle
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
HeapDestroy
IsBadCodePtr
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
HeapReAlloc
LocalAlloc
lstrcatA
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetFileTime
GetTempPathA
GetCPInfo
GetStringTypeA
WriteFile
GetDiskFreeSpaceA
GetStringTypeW
GetFullPathNameA
SetEvent
LocalFree
MoveFileA
ResumeThread
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
InterlockedDecrement
FormatMessageA
GetStringTypeExA
SetLastError
GetSystemTime
GetEnvironmentVariableA
GlobalFindAtomA
ExitProcess
GetVersionExA
GetModuleFileNameA
GetVolumeInformationA
GetPrivateProfileStringA
SetThreadPriority
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetModuleHandleA
CreateThread
GetExitCodeThread
GlobalAddAtomA
SetUnhandledExceptionFilter
GetCurrentProcess
MulDiv
ExitThread
SetEnvironmentVariableA
TerminateProcess
GlobalAlloc
LocalFileTimeToFileTime
SetEndOfFile
GetVersion
LeaveCriticalSection
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
lstrcmpiA
GetOEMCP
GetTickCount
IsBadWritePtr
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
FreeLibrary
GetStartupInfoA
UnlockFile
GetFileSize
GlobalDeleteAtom
GetPrivateProfileIntA
CreateDirectoryA
DeleteFileA
GetProcAddress
CompareStringW
GlobalReAlloc
lstrcmpA
FindFirstFileA
lstrcpyA
GetProfileStringA
CompareStringA
GetTempFileNameA
GetComputerNameA
DuplicateHandle
GlobalLock
RemoveDirectoryA
GetTimeZoneInformation
CreateEventA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
LocalReAlloc
SystemTimeToFileTime
LCMapStringW
lstrlenA
GlobalFree
LCMapStringA
GlobalGetAtomNameA
GetThreadLocale
GetEnvironmentStringsW
GlobalUnlock
LockFile
lstrlenW
GetShortPathNameA
FileTimeToLocalFileTime
GetEnvironmentStrings
WritePrivateProfileStringA
LockResource
SetFileTime
WideCharToMultiByte
HeapSize
GetCommandLineA
GetCurrentThread
SuspendThread
RaiseException
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
lstrcpynA
GetACP
GetCurrentThreadId
SizeofResource
HeapCreate
VirtualFree
Sleep
IsBadReadPtr
GetProcessVersion
FindResourceA
VirtualAlloc
VariantChangeType
SafeArrayAccessData
VariantTimeToSystemTime
SysStringLen
SysAllocStringLen
SafeArrayGetUBound
SafeArrayUnaccessData
VariantClear
SysAllocString
SafeArrayCreate
VariantCopy
VariantInit
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetDim
SysAllocStringByteLen
SysFreeString
Ord(253)
SHGetFileInfoA
ExtractIconA
DragFinish
ShellExecuteA
DragQueryFileA
RedrawWindow
RegisterClipboardFormatA
GetMessagePos
SetMenuItemBitmaps
SetRectEmpty
DestroyMenu
PostQuitMessage
GetForegroundWindow
LoadBitmapA
SetWindowPos
GetNextDlgTabItem
IsWindow
SetTimer
DispatchMessageA
EndPaint
GrayStringA
WindowFromPoint
GetMessageTime
SetActiveWindow
GetDC
GetCursorPos
DrawTextA
GetDlgCtrlID
GetClassInfoA
GetMenu
UnregisterClassA
SendMessageA
GetClientRect
SetScrollPos
CallNextHookEx
LoadAcceleratorsA
GetWindowTextLengthA
CopyAcceleratorTableA
ClientToScreen
GetTopWindow
LockWindowUpdate
ShowCaret
ScrollWindow
GetWindowTextA
DestroyWindow
GetMessageA
GetParent
UpdateWindow
SetPropA
EqualRect
ShowScrollBar
ShowWindow
GetPropA
GetNextDlgGroupItem
GetDesktopWindow
EnableWindow
SetWindowPlacement
ExcludeUpdateRgn
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
CharUpperA
CreatePopupMenu
LoadStringA
SetParent
IsZoomed
GetWindowPlacement
DrawMenuBar
EnableMenuItem
RegisterClassA
TabbedTextOutA
GetSubMenu
GetDCEx
GetActiveWindow
ShowOwnedPopups
FillRect
SetWindowContextHelpId
DeferWindowPos
IsWindowUnicode
ReleaseDC
PtInRect
IsChild
IsDialogMessageA
MapWindowPoints
SetCapture
BeginPaint
OffsetRect
SetFocus
GetScrollPos
KillTimer
CharNextA
RegisterWindowMessageA
DefWindowProcA
DrawFocusRect
SendDlgItemMessageA
GetSystemMetrics
IsIconic
SetScrollRange
GetWindowRect
InflateRect
PostMessageA
ReleaseCapture
EnumChildWindows
IntersectRect
SetWindowLongA
GetScrollInfo
RemovePropA
SetWindowTextA
CheckMenuItem
GetWindowLongA
GetLastActivePopup
CreateWindowExA
GetDlgItem
GetMenuCheckMarkDimensions
BringWindowToTop
ScreenToClient
GetClassLongA
CreateDialogIndirectParamA
LoadCursorA
LoadIconA
TrackPopupMenu
SetWindowsHookExA
GetMenuItemCount
GetMenuState
ReuseDDElParam
GetMenuItemID
SetForegroundWindow
PostThreadMessageA
MapDialogRect
GetScrollRange
EndDialog
LoadMenuA
HideCaret
CopyRect
GetCapture
FindWindowA
MessageBeep
RemoveMenu
GetSysColorBrush
BeginDeferWindowPos
AppendMenuA
UnhookWindowsHookEx
SetDlgItemTextA
MoveWindow
CallWindowProcA
MessageBoxA
GetWindowDC
DestroyCursor
AdjustWindowRectEx
GetSysColor
SetScrollInfo
GetKeyState
EndDeferWindowPos
SystemParametersInfoA
DestroyIcon
IsWindowVisible
UnpackDDElParam
SetCursorPos
WinHelpA
UnionRect
SetRect
InvalidateRect
wsprintfA
TranslateAcceleratorA
DefDlgProcA
ValidateRect
IsRectEmpty
GetClassNameA
GetFocus
ModifyMenuA
SetMenu
SetCursor
HttpSendRequestA
InternetOpenUrlA
InternetQueryDataAvailable
InternetWriteFile
HttpOpenRequestA
InternetReadFile
InternetCanonicalizeUrlA
InternetCloseHandle
InternetGetLastResponseInfoA
InternetOpenA
InternetConnectA
InternetQueryOptionA
InternetSetStatusCallback
InternetErrorDlg
HttpQueryInfoA
InternetSetFilePointer
InternetCrackUrlA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
PrintDlgA
GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA
CommDlgExtendedError
OleUninitialize
CoUninitialize
CoInitialize
StgCreateDocfileOnILockBytes
CoRevokeClassObject
OleFlushClipboard
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
CreateILockBytesOnHGlobal
CoGetClassObject
CoInternetGetSession
ReleaseBindInfo
CoInternetParseUrl
Number of PE resources by type
RT_STRING 21
RT_BITMAP 11
RT_DIALOG 10
RT_CURSOR 5
RT_GROUP_CURSOR 3
Struct(241) 3
RT_ICON 2
RT_ACCELERATOR 2
RT_GROUP_ICON 2
Struct(240) 1
RT_MENU 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 60
RUSSIAN 2
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 3.0.9.26
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 274432
FileOS Win32
MIMEType application/octet-stream
LegalCopyright Copyright (C) Armand Morin, 2003
FileVersion 3, 0, 9, 26
TimeStamp 2003:10:10 11:38:02+01:00
FileType Win32 EXE
PEType PE32
FileAccessDate 2015:01:24 06:43:38+01:00
ProductVersion 3, 0, 9, 26
FileDescription EBook Viewer
OSVersion 4.0
FileCreateDate 2015:01:24 06:43:38+01:00
OriginalFilename EBook.exe
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName http://www.ebookgenerator.com
CodeSize 331776
ProductName EBook Generator
ProductVersionNumber 3.0.9.26
EntryPoint 0x1dd91
ObjectFileType Executable application
File identification
MD5 711a103b1123233bce02aa0a345fdd3f
SHA1 3f12764135c7ad57c189bda32b86290b24dd46b4
SHA256 2fd5a4f33bdb8ddaa2e17db30a896472a467737f600bfd07ecdc3f9c7be82148
ssdeep 12288:oPhW4mAMrm9IVwnKVEhYRAuZrYcN/1gLXh:kVrownKeYocd1gLx
authentihash 62056da584ad11aad0c7eb559c9b519a3c34e26b807db6416ae43b0beddae07d
imphash bd13b740a7a4e5aa6d4ecb0af5282f80
File size 628.0 KB ( 643108 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe
VirusTotal metadata
First submission 2014-12-31 03:18:10 UTC ( 3 years, 7 months ago )
Last submission 2014-12-31 03:18:10 UTC ( 3 years, 7 months ago )
File names 1347896223-Cabbage_Soup_Diet.exe
EBook.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Opened mutexes
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.