× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 2ffe26ebc652e4021d57c2656a848f83119a07669f8cc54e2849ca36cb3e0b93
File name: attach_to_me.exe
Detection ratio: 0 / 43
Analysis date: 2012-02-21 03:32:21 UTC ( 5 years, 5 months ago ) View latest
Antivirus Result Update
AhnLab-V3 20120220
AntiVir 20120221
Antiy-AVL 20120213
Avast 20120221
AVG 20120221
BitDefender 20120221
ByteHero 20120220
CAT-QuickHeal 20120220
ClamAV 20120221
Commtouch 20120221
Comodo 20120220
DrWeb 20120221
Emsisoft 20120221
eSafe 20120219
eTrust-Vet 20120220
F-Prot 20120220
F-Secure 20120221
Fortinet 20120221
GData 20120221
Ikarus 20120221
Jiangmin 20120220
K7AntiVirus 20120220
Kaspersky 20120221
McAfee 20120221
McAfee-GW-Edition 20120220
Microsoft 20120220
NOD32 20120221
Norman 20120220
nProtect 20120220
Panda 20120220
PCTools 20120217
Prevx 20120221
Rising 20120221
Sophos AV 20120221
SUPERAntiSpyware 20120206
Symantec 20120221
TheHacker 20120220
TrendMicro 20120220
TrendMicro-HouseCall 20120221
VBA32 20120220
VIPRE 20120220
ViRobot 20120220
VirusBuster 20120221
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-02-21 03:25:42
Entry Point 0x00001000
Number of sections 4
PE sections
PE imports
GetSystemDirectoryW
GetModuleHandleA
LoadResource
LockResource
CreateFileW
WriteFile
Sleep
CloseHandle
lstrcatW
FindResourceA
Number of PE resources by type
WALIED 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2012:02:21 04:25:42+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
4096

LinkerVersion
6.0

EntryPoint
0x1000

InitializedDataSize
12288

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 40ddd3cd1fe41a95da215e48239a553a
SHA1 43f6b8d86837ac9313ca45566412d26262050e0e
SHA256 2ffe26ebc652e4021d57c2656a848f83119a07669f8cc54e2849ca36cb3e0b93
ssdeep
24:etGS+3Zy74mHuyVrTe6jWAgZ2QWq0EBsew:63zHD06j+Z5D

authentihash ea0558ba588c2fbbed5087c425f0a8507d4cb42a9ff8b13c7c222bcbeeff90c7
imphash c9add89dbedc1cd91ed7fa210ff1540c
File size 16.0 KB ( 16384 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe

VirusTotal metadata
First submission 2012-02-21 03:32:21 UTC ( 5 years, 5 months ago )
Last submission 2012-02-21 03:32:21 UTC ( 5 years, 5 months ago )
File names attach_to_me.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Written files