× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 34657ed60774499cb47f2a2d5196e96c0b35ddec00365a363ddbc466bc286f5f
File name: 124b3238499c2151e833ac254a6720be
Detection ratio: 25 / 43
Analysis date: 2012-03-19 05:00:56 UTC ( 2 years, 1 month ago )
Antivirus Result Update
AVG Delf.ADRP 20120318
AntiVir TR/ArchSMS.mqsna 20120318
Avast Win32:SMSSend-MP [Trj] 20120317
BitDefender Gen:Application.SMSHoax.2 20120319
Comodo ApplicUnwnt.Win32.Hoax.ArchSMS.RW 20120318
DrWeb Tool.InstallToolbar.57 20120319
Emsisoft Trojan-Dropper.Delf!IK 20120319
F-Secure Gen:Application.SMSHoax.2 20120319
Fortinet W32/SMSFraud.AL!tr 20120318
GData Gen:Application.SMSHoax.2 20120319
Ikarus Trojan-Dropper.Delf 20120319
K7AntiVirus Trojan 20120316
Kaspersky Hoax.Win32.ArchSMS.scn 20120319
McAfee PWS-Zbot.gen.ro 20120319
McAfee-GW-Edition PWS-Zbot.gen.ro 20120319
Microsoft Program:Win32/Pameseg.BV 20120318
NOD32 a variant of Win32/Kryptik.ACJO 20120319
Norman W32/ArchSMS.AKE 20120318
Panda Trj/CI.A 20120318
Symantec WS.Reputation.1 20120319
TheHacker Trojan/ArchSMS.mqcj 20120318
VIPRE Hoax.Win32.ArchSMS (not malicious) 20120318
VirusBuster Trojan.ArchSMS!jYE49BcD/Bk 20120319
eTrust-Vet Win32/ArchSMS.G!generic 20120316
nProtect Gen:Application.SMSHoax.2 20120319
AhnLab-V3 20120318
Antiy-AVL 20120319
ByteHero 20120316
CAT-QuickHeal 20120318
ClamAV 20120319
Commtouch 20120319
F-Prot 20120319
Jiangmin 20120318
PCTools 20120314
Prevx 20120319
Rising 20120319
SUPERAntiSpyware 20120317
Sophos 20120319
TrendMicro 20120318
TrendMicro-HouseCall 20120319
VBA32 20120316
ViRobot 20120319
eSafe 20120315
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Number of sections 8
PE sections
PE imports
GetTokenInformation
PageSetupDlgA, PrintDlgW
GetCharABCWidthsFloatA, EngStrokeAndFillPath, EndPage, GdiAlphaBlend
SetFileAttributesW, ConvertDefaultLocale, LoadLibraryA, Heap32Next, EnumerateLocalComputerNamesW, DnsHostnameToComputerNameW, SetConsoleDisplayMode, AddAtomA, CreateProcessInternalA, InterlockedExchangeAdd, GetWindowsDirectoryA, GetDefaultCommConfigA, CreateDirectoryExW
PropVariantChangeType, CoSetState, CoGetMarshalSizeMax, CoGetStdMarshalEx, CoFreeLibrary
StrCmpNW, SHPathPrepareForWriteW, SHOpenFolderAndSelectItems, SHFileOperationW
SHRegDeleteUSValueW, StrTrimW, StrFromTimeIntervalA, StrIsIntlEqualA
TranslateMDISysAccel, SetCaretPos, GetAsyncKeyState, LoadCursorA, GetMouseMovePointsEx, InsertMenuW, TranslateMessageEx, GetWindow, EnumPropsW, SendNotifyMessageW, SetInternalWindowPos, SendMessageA, CharPrevA, OemToCharBuffW, BringWindowToTop, DrawTextW, CreateIcon, CreateIconIndirect, SendMessageTimeoutW, SetDlgItemTextA, EnumPropsA, DestroyIcon, IsWindow, DialogBoxParamW
VerFindFileA, VerQueryValueW, GetFileVersionInfoSizeA, GetFileVersionInfoA
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
3175936

LinkerVersion
8.0

EntryPoint
0x308430

InitializedDataSize
123392

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 124b3238499c2151e833ac254a6720be
SHA1 c9850f03031a548551f6f1aa9b4338c386d53431
SHA256 34657ed60774499cb47f2a2d5196e96c0b35ddec00365a363ddbc466bc286f5f
ssdeep
98304:sr+fB9E9TRlZk1BJ7Dr2S/gSW4B+vt4FHNPKptUMIgs/+4jsqSxR1zqPIUzim7t:84zBx7mS/g6Gt4FQvIrRbYRIzik

File size 6.7 MB ( 6977757 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
VirusTotal metadata
First submission 2012-03-12 01:31:24 UTC ( 2 years, 1 month ago )
Last submission 2012-03-19 05:00:56 UTC ( 2 years, 1 month ago )
File names output.1169959.txt
124b3238499c2151e833ac254a6720be
1169959
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!