SHA256: 34eb0c91ff39e09a4f9e07777949b00b8289f739f570cc74e991d2d591d5e08f
File name: fdgjbhis75.exe
Detection ratio: 4 / 55
Analysis date: 2015-12-15 13:24:10 UTC ( 1 year, 8 months ago )
Antivirus Result Update
Bkav HW32.Packed.3BB6 20151215
Kaspersky HEUR:Trojan.Win32.Generic 20151215
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.fc 20151215
Rising PE:Malware.Generic(Thunder)!1.A1C4 [F] 20151215
Ad-Aware 20151215
AegisLab 20151215
Yandex 20151214
AhnLab-V3 20151215
Alibaba 20151208
ALYac 20151215
Antiy-AVL 20151215
Arcabit 20151215
Avast 20151215
AVG 20151215
Avira (no cloud) 20151215
AVware 20151215
Baidu-International 20151215
BitDefender 20151215
ByteHero 20151215
CAT-QuickHeal 20151215
ClamAV 20151215
CMC 20151215
Comodo 20151215
Cyren 20151215
DrWeb 20151215
Emsisoft 20151215
ESET-NOD32 20151215
F-Prot 20151215
F-Secure 20151215
Fortinet 20151215
GData 20151215
Ikarus 20151215
Jiangmin 20151214
K7AntiVirus 20151215
K7GW 20151215
Malwarebytes 20151215
McAfee 20151215
Microsoft 20151215
eScan 20151215
NANO-Antivirus 20151215
nProtect 20151215
Panda 20151213
Qihoo-360 20151215
Sophos AV 20151215
SUPERAntiSpyware 20151215
Symantec 20151214
Tencent 20151215
TheHacker 20151215
TrendMicro 20151215
TrendMicro-HouseCall 20151215
VBA32 20151215
VIPRE 20151215
ViRobot 20151215
Zillya 20151214
Zoner 20151215
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright TeamViewer GmbH
Product TeamViewer
File version 10.0.50527.0
Comments TeamViewer Remote Control Application
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-12-15 09:55:11
Entry Point 0x00007E46
Number of sections 4
PE sections
PE imports
SetSecurityDescriptorDacl
RegCloseKey
RegOpenKeyExW
InitializeSecurityDescriptor
RegDeleteKeyW
OpenSCManagerA
ImageList_Draw
GetDeviceCaps
CreateCompatibleDC
CreateRectRgn
DeleteDC
EndDoc
SelectObject
GetTextExtentPoint32A
CreateFontA
CreatePen
TextOutA
SetTextJustification
CreateSolidBrush
StartPage
GdiSetBatchLimit
DeleteObject
CreateCompatibleBitmap
EndPage
ImmGetContext
GetLastError
GetFileAttributesA
GlobalGetAtomNameW
QueryPerformanceCounter
IsDebuggerPresent
HeapAlloc
LoadLibraryA
GetStartupInfoA
GetCurrentDirectoryW
GetCurrentProcessId
GetProcessHeaps
UnhandledExceptionFilter
GetProcAddress
InterlockedCompareExchange
CreateFileMappingW
lstrcpyW
GetModuleHandleA
lstrcmpA
InterlockedExchange
SetUnhandledExceptionFilter
GetCurrentProcess
MulDiv
GetSystemTimeAsFileTime
LocalFree
TerminateProcess
GetConsoleWindow
Sleep
GetTickCount
GetCurrentThreadId
ExitProcess
LocalAlloc
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
__p__fmode
?what@exception@std@@UBEPBDXZ
memset
__dllonexit
_controlfp_s
_vsnprintf_s
printf
_invoke_watson
strncpy
_cexit
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
??2@YAPAXI@Z
_lock
__p__commode
_onexit
_amsg_exit
exit
_XcptFilter
_encode_pointer
__setusermatherr
_initterm_e
_crt_debugger_hook
_acmdln
_CxxThrowException
_ismbblead
memmove_s
_unlock
_adjust_fdiv
??3@YAXPAX@Z
__CxxFrameHandler3
_except_handler4_common
__getmainargs
_exit
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
_decode_pointer
_invalid_parameter_noinfo
isprint
??0exception@std@@QAE@ABQBD@Z
_configthreadlocale
??0exception@std@@QAE@XZ
_initterm
__set_app_type
SetupDiEnumDriverInfoA
SetupDiGetClassInstallParamsA
SetupDiSetSelectedDriverA
SetupDiCreateDeviceInfoList
SHGetPathFromIDListW
SHBrowseForFolderW
StrToIntExA
InitializeSecurityContextA
DrawTextA
ShowWindow
DefWindowProcA
FindWindowA
EnumDisplayMonitors
SetMenuItemInfoA
EnumChildWindows
WindowFromPoint
DialogBoxParamA
GetWindow
GetDC
ReleaseDC
GetDlgCtrlID
SetWindowTextA
GetMenu
SendMessageA
GetDlgItem
SetRect
GetMenuItemInfoA
GetCursor
GetFocus
GetWindowTextA
GetWindowContextHelpId
CoTaskMemFree
CreateClassMoniker
OleGetClipboard
Ord(104)
ExifTool file metadata
UninitializedDataSize 0
Comments TeamViewer Remote Control Application
InitializedDataSize 354816
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 10.0.50527.0
LanguageCode Unknown (03EB)
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 9.0
EntryPoint 0x7e46
MIMEType application/octet-stream
LegalCopyright TeamViewer GmbH
FileVersion 10.0.50527.0
TimeStamp 2015:12:15 10:55:11+01:00
FileType Win32 EXE
PEType PE32
ProductVersion 10.0.50527.0
SubsystemVersion 5.0
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName TeamViewer GmbH
CodeSize 30208
ProductName TeamViewer
ProductVersionNumber 10.0.50527.0
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 4cadf61e96c2d62292320c556fd34fe6
SHA1 d71d803a2ab6dab63ac76974246d7c4e95bcf2a8
SHA256 34eb0c91ff39e09a4f9e07777949b00b8289f739f570cc74e991d2d591d5e08f
ssdeep 6144:5Fm3xGhswMGVwH1zSsGAby9YZBxplji4o/d4PEZkV4VbUZWWAKWroBOlwJ6V6s:5Fm3xGhswMGeHmAbOYJpljf26P4kVqUo
authentihash 1252cbb02abb02ba77224aa2ad910845912dcf0117e96b6cec01292c713baad1
imphash 3bbafe4261ff5db2c28307f8b613bd68
File size 377.0 KB ( 386048 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe
VirusTotal metadata
First submission 2015-12-15 12:25:03 UTC ( 1 year, 8 months ago )
Last submission 2016-04-08 15:31:09 UTC ( 1 year, 4 months ago )
File names ctruiovy.exe
ayuijo74.exe
FILE_42 (1)
34eb0c91ff39e09a4f9e07777949b00b8289f739f570cc74e991d2d591d5e08f.exe.ubqu
gfbnh56.exe
fdgjbhis75.exe
fdgbh44b.exe
FILE_42 (2)
egidjd87.exe
bvn4854.exe
shereder.exe.3804.dr
shereder.exe
34eb0c91ff39e09a4f9e07777949b00b8289f739f570cc74e991d2d591d5e08f.bin
FILE_42
dfiubgh5.exe
shereder.exe.3700.dr
invoice_60277976_scan.exe-1
4cadf61e96c2d62292320c556fd34fe6.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Code injections in the following processes
Terminated processes
Created mutexes
Opened mutexes
Opened service managers
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications