SHA256: 3400751d67470a0dde93d0c0e08861c552b0169d621770691d265bd3eb5c54e1
File name: 96c31ee0ae448fc1a74ad5553498e16e7d97cc27
Detection ratio: 9 / 57
Analysis date: 2016-03-26 20:30:26 UTC ( 2 years, 12 months ago )
Antivirus Result Update
AegisLab Troj.W32.Yakes!c 20160326
Antiy-AVL Trojan/Win32.Yakes 20160326
Baidu Win32.Trojan.WisdomEyes.151026.9950.9977 20160325
BitDefender Trojan.GenericKD.3121540 20160326
Jiangmin Trojan.Yakes.igl 20160326
Kaspersky Trojan.Win32.Yakes.pimb 20160326
Panda Trj/Genetic.gen 20160326
Qihoo-360 HEUR/QVM20.1.Malware.Gen 20160326
Rising PE:Malware.XPACK-HIE/Heur!1.9C48 [F] 20160326
Ad-Aware 20160326
Yandex 20160316
AhnLab-V3 20160326
Alibaba 20160323
ALYac 20160326
Arcabit 20160326
Avast 20160326
AVG 20160326
Avira (no cloud) 20160326
Baidu-International 20160326
Bkav 20160326
ByteHero 20160326
CAT-QuickHeal 20160326
ClamAV 20160326
CMC 20160322
Comodo 20160326
Cyren 20160326
DrWeb 20160326
Emsisoft 20160326
ESET-NOD32 20160326
F-Prot 20160326
F-Secure 20160326
Fortinet 20160326
GData 20160326
Ikarus 20160326
K7AntiVirus 20160326
K7GW 20160323
Kingsoft 20160326
Malwarebytes 20160326
McAfee 20160326
McAfee-GW-Edition 20160326
Microsoft 20160326
eScan 20160326
NANO-Antivirus 20160326
nProtect 20160325
Sophos AV 20160326
SUPERAntiSpyware 20160326
Symantec 20160326
Tencent 20160326
TheHacker 20160325
TotalDefense 20160326
TrendMicro 20160326
TrendMicro-HouseCall 20160326
VBA32 20160325
VIPRE 20160326
ViRobot 20160326
Zillya 20160326
Zoner 20160326
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 1999-2003 vvvSoft, Ltd.
Product vvvSoft MP3Finder
Original name MP3Finder.exe
Internal name MP3Finder
File version 2.32
Description MP3Finder - Finds all mp3-files in your LAN
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-11-16 02:00:27
Entry Point 0x00002A69
Number of sections 4
PE sections
PE imports
GetSaveFileNameW
GetOpenFileNameW
ChooseColorW
LineTo
CreateHatchBrush
DeleteDC
CreateFontIndirectW
SetBkMode
MoveToEx
CreatePen
EnumFontFamiliesExW
GetStockObject
CreateSolidBrush
Rectangle
GetObjectW
SelectObject
SetBkColor
CreateCompatibleDC
GetPixel
CreateCompatibleBitmap
SetTextColor
DeleteObject
GetStdHandle
GetDriveTypeW
FileTimeToSystemTime
HeapDestroy
EncodePointer
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
FreeEnvironmentStringsW
SetStdHandle
WideCharToMultiByte
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetOEMCP
InitializeCriticalSection
LoadResource
FindClose
TlsGetValue
GetFullPathNameW
SetLastError
PeekNamedPipe
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetPrivateProfileStringW
CreateThread
SetUnhandledExceptionFilter
ConvertDefaultLocale
IsProcessorFeaturePresent
DecodePointer
SetEnvironmentVariableA
TerminateProcess
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
RtlUnwind
GetStartupInfoW
GetProcAddress
GetPrivateProfileIntW
GetProcessHeap
CompareStringW
lstrcpyW
GetFileInformationByHandle
FindFirstFileExW
GlobalLock
GetBinaryTypeA
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
ExitProcess
LeaveCriticalSection
GetLastError
LCMapStringW
GlobalFree
GetConsoleCP
GetEnvironmentStringsW
GlobalUnlock
lstrlenW
FileTimeToLocalFileTime
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
GetCPInfo
HeapSize
GetCommandLineA
WritePrivateProfileStringW
RaiseException
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
IsValidCodePage
HeapCreate
FindResourceW
Sleep
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
PathFileExistsW
PathRemoveFileSpecW
PathAppendW
PathFindFileNameW
SetFocus
CreateDialogParamW
GetParent
CreateDialogIndirectParamW
UpdateWindow
BeginPaint
InvalidateRect
DefWindowProcW
MoveWindow
KillTimer
DestroyMenu
ScreenToClient
ShowWindow
SetWindowPos
EndPaint
GetSystemMetrics
SetWindowLongW
IsWindow
PeekMessageW
GetWindowRect
InflateRect
EnableWindow
CallWindowProcA
WindowFromPoint
MessageBoxA
IsMenu
SetWindowLongA
SendDlgItemMessageW
DestroyCursor
PostMessageW
GetSysColor
RegisterClipboardFormatW
GetDC
GetKeyState
GetCursorPos
ReleaseDC
CreatePopupMenu
SendMessageW
SetCursor
SetClipboardData
GetWindowLongW
IsWindowVisible
LoadStringW
GetClientRect
SetTimer
GetDlgItem
SystemParametersInfoW
MessageBoxW
FrameRect
LoadImageW
DrawFocusRect
CreateMenu
CallWindowProcW
TrackPopupMenu
ClientToScreen
FillRect
GetWindowTextW
IsWindowUnicode
LoadIconW
CreateWindowExW
InsertMenuW
wsprintfW
CloseClipboard
DrawTextW
DestroyWindow
CreateCursor
OpenClipboard
Number of PE resources by type
RT_STRING 32
RT_ICON 19
RT_GROUP_ICON 14
RT_CURSOR 10
RT_GROUP_CURSOR 5
RT_MENU 5
Struct(241) 4
RT_ACCELERATOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 91
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 2.3.2.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 57344
EntryPoint 0x2a69
OriginalFileName MP3Finder.exe
MIMEType application/octet-stream
LegalCopyright Copyright 1999-2003 vvvSoft, Ltd.
FileVersion 2.32
TimeStamp 2015:11:16 02:00:27+00:00
FileType Win32 EXE
PEType PE32
InternalName MP3Finder
ProductVersion 2.32
FileDescription MP3Finder - Finds all mp3-files in your LAN
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName vvvSoft
CodeSize 54784
ProductName vvvSoft MP3Finder
ProductVersionNumber 2.3.2.0
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 b8250755c67a3066d4f7b9ed91c2f03f
SHA1 2364b8f56f0c663d67e0c33c98acb4115aef5576
SHA256 3400751d67470a0dde93d0c0e08861c552b0169d621770691d265bd3eb5c54e1
ssdeep 1536:jBHn+lfKf+k8EGX1I8bP2Hqjq949Z1eZKjmUlVHruFAuIkag8v4uwoQbv5:Nn+lq+k8E41Ij8Z1QkmUlhKIkGv4uAh
authentihash 78eb0bca8f4aed8da8eccfae78aa58806ae151509ecdfab74426eac64055bef6
imphash 8f4eab619c7c4892031027a69935948b
File size 110.5 KB ( 113152 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (35.0%)
Win64 Executable (generic) (31.0%)
Windows screen saver (14.7%)
Win32 Dynamic Link Library (generic) (7.3%)
Win32 Executable (generic) (5.0%)
Tags peexe
VirusTotal metadata
First submission 2016-03-26 04:51:21 UTC ( 2 years, 12 months ago )
Last submission 2018-05-10 08:45:12 UTC ( 10 months, 2 weeks ago )
File names invoice.exe
MP3Finder.exe
MP3Finder
3400751d67470a0dde93d0c0e08861c552b0169d621770691d265bd3eb5c54e1.exe
96c31ee0ae448fc1a74ad5553498e16e7d97cc27
WlrGRVX.jar
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: TROJ_GEN.R021C0OCU16.

Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Created processes
Opened mutexes
Runtime DLLs
UDP communications