SHA256: 335b2c86af10127479ae727dda033afb95bcef5fa10ed7d799b7a293647ab8b1
File name: BF6BECB0B0C6E5B972802B134602B4A9
Detection ratio: 6 / 57
Analysis date: 2016-11-22 00:19:00 UTC ( 2 years, 3 months ago )
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9998 20161121
CrowdStrike Falcon (ML) malicious_confidence_91% (D) 20161024
Sophos ML trojan.win32.matsnu.q 20161018
Qihoo-360 HEUR/QVM20.1.0000.Malware.Gen 20161122
Rising Malware.Generic!EOeW65MmPyT@2 (thunder) 20161121
Symantec Heur.AdvML.B 20161121
Ad-Aware 20161121
AegisLab 20161121
AhnLab-V3 20161121
Alibaba 20161121
ALYac 20161122
Antiy-AVL 20161122
Arcabit 20161121
Avast 20161122
AVG 20161122
Avira (no cloud) 20161122
AVware 20161122
BitDefender 20161121
Bkav 20161121
CAT-QuickHeal 20161121
ClamAV 20161122
CMC 20161121
Comodo 20161122
Cyren 20161122
DrWeb 20161122
Emsisoft 20161122
ESET-NOD32 20161121
F-Prot 20161122
F-Secure 20161122
Fortinet 20161122
GData 20161122
Ikarus 20161121
Jiangmin 20161121
K7AntiVirus 20161121
K7GW 20161122
Kaspersky 20161121
Kingsoft 20161122
Malwarebytes 20161121
McAfee 20161121
McAfee-GW-Edition 20161121
Microsoft 20161121
eScan 20161121
NANO-Antivirus 20161121
nProtect 20161121
Panda 20161121
Sophos AV 20161121
SUPERAntiSpyware 20161121
Tencent 20161122
TheHacker 20161117
TotalDefense 20161121
TrendMicro 20161121
TrendMicro-HouseCall 20161121
Trustlook 20161122
VBA32 20161121
VIPRE 20161121
ViRobot 20161121
Yandex 20161121
Zillya 20161121
Zoner 20161121
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright Overpronounce
Product sike lilted nut
Original name sike.exe
Internal name sike
File version 9.0.6309.12513
Description sike fino tuy off
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-12-13 08:22:34
Entry Point 0x00004FEB
Number of sections 4
PE sections
PE imports
RegDeleteKeyW
RegCloseKey
RegOpenKeyExW
CryptDestroyHash
RegQueryValueExW
GetSystemTime
HeapFree
LCMapStringW
SetHandleCount
FileTimeToSystemTime
GetModuleFileNameW
GetEnvironmentStringsA
GetOEMCP
LCMapStringA
HeapAlloc
GetEnvironmentStringsW
GetModuleFileNameA
FreeEnvironmentStringsA
GetCurrentProcess
GetEnvironmentStrings
GetWindowsDirectoryW
GetFileSize
FreeEnvironmentStringsW
DeleteFileW
GetProcessHeap
GetTempPathA
GetCPInfo
lstrcmpiA
GetStringTypeA
GetSystemDefaultUILanguage
MulDiv
lstrcpynA
GetStringTypeW
GetModuleHandleW
HeapCreate
CreateFileA
VirtualAlloc
GetEnvironmentVariableW
ReadStringStream
PropSysFreeString
HMETAFILE_UserMarshal
WriteFmtUserTypeStg
CoCreateInstanceEx
CoGetClassVersion
CreateGenericComposite
VarUI4FromUI2
VarCat
VarCyCmpR8
RevokeActiveObject
NdrConformantVaryingArrayBufferSize
NdrVaryingArrayUnmarshall
GetWindowThreadProcessId
ShowCaret
GetWindowRect
EnableWindow
GetWindowTextW
DefFrameProcA
DialogBoxParamA
GetClientRect
SetWindowLongA
ShowWindow
DefMDIChildProcA
FindWindowA
GetWindowInfo
PeekMessageW
mmioOpenW
mciFreeCommandResource
midiDisconnect
mmioGetInfo
mciLoadCommandResource
mciSendStringW
midiStreamOut
mciSendCommandW
waveOutGetDevCapsW
mciGetCreatorTask
mmioStringToFOURCCW
waveOutPause
WSALookupServiceBeginA
WSAAddressToStringW
WSAGetServiceClassNameByClassIdW
getprotobyname
WSAStringToAddressW
Number of PE resources by type
RT_DIALOG 2
RT_ICON 1
RT_STRING 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 6
PE resources
ExifTool file metadata
SubsystemVersion 5.1
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 9.0.6309.12513
UninitializedDataSize 8192
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 384000
EntryPoint 0x4feb
OriginalFileName sike.exe
MIMEType application/octet-stream
LegalCopyright Copyright Overpronounce
FileVersion 9.0.6309.12513
TimeStamp 2002:12:13 09:22:34+01:00
FileType Win32 EXE
PEType PE32
InternalName sike
ProductVersion 9.0.6309.12513
FileDescription sike fino tuy off
OSVersion 5.1
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Overpronounce
CodeSize 23040
ProductName sike lilted nut
ProductVersionNumber 9.0.6309.12513
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 bf6becb0b0c6e5b972802b134602b4a9
SHA1 92cc717ec033a5a2478ebbc0c48186c0a4b51ec3
SHA256 335b2c86af10127479ae727dda033afb95bcef5fa10ed7d799b7a293647ab8b1
ssdeep 6144:psBGyIY7MwrzYdeab6QuY9blWLkecGVEXAlgFNAALwm94yleg+EmQsYOXvP6z+z5:oGo7MmzY4MaYc+GflCNrL3uEmQqvrf6k
authentihash 82202f069aca021f735d0eca7216515d0887bf0adf21dd7d23e8b6c851634855
imphash fe48993eaf7dedbb0a0f72c85d086dc6
File size 370.5 KB ( 379392 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags peexe
VirusTotal metadata
First submission 2016-11-22 00:19:00 UTC ( 2 years, 3 months ago )
Last submission 2016-11-22 00:19:00 UTC ( 2 years, 3 months ago )
File names sike
sike.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Deleted files
Created processes
Opened mutexes
Searched windows
Runtime DLLs
UDP communications