SHA256: 34f66782c3e014a66c4600b3ff41d14ebd98a435c16d01feb5964b21364c13ae
File name: UPS Invoice {DIGIT[8]}.exe
Detection ratio: 18 / 46
Analysis date: 2013-08-26 21:49:26 UTC ( 5 years, 9 months ago )
Antivirus Result Update
Avast Win32:Malware-gen 20130826
BitDefender Gen:Variant.Symmi.28739 20130826
Commtouch W32/Trojan.GPQS-8875 20130826
Comodo Heur.Packed.Unknown 20130826
DrWeb Trojan.PWS.Stealer.3243 20130826
Emsisoft Trojan.Win32.Agent (A) 20130826
ESET-NOD32 a variant of Win32/Kryptik.BIVR 20130826
F-Prot W32/Trojan3.FWL 20130826
F-Secure Gen:Variant.Symmi.28739 20130826
GData Gen:Variant.Symmi.28739 20130826
Ikarus Win32.Outbreak 20130826
Kaspersky Trojan-PSW.Win32.Tepfer.qedq 20130826
Malwarebytes Malware.Packer.DZ 20130826
McAfee PWS-Zbot-FBDT!7AF6CD41836D 20130826
McAfee-GW-Edition Artemis!7AF6CD41836D 20130826
eScan Gen:Variant.Symmi.28739 20130826
Sophos AV Troj/Zbot-GBN 20130826
Symantec Suspicious.Cloud.5 20130826
Yandex 20130826
AhnLab-V3 20130826
AntiVir 20130826
Antiy-AVL 20130826
AVG 20130826
ByteHero 20130814
CAT-QuickHeal 20130826
ClamAV 20130826
Fortinet 20130826
Jiangmin 20130826
K7AntiVirus 20130826
K7GW 20130826
Kingsoft 20130723
Microsoft 20130826
NANO-Antivirus 20130826
Norman 20130826
nProtect 20130826
Panda 20130826
PCTools 20130826
Rising 20130826
SUPERAntiSpyware 20130826
TheHacker 20130826
TotalDefense 20130826
TrendMicro 20130826
TrendMicro-HouseCall 20130826
VBA32 20130826
VIPRE 20130826
ViRobot 20130826
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2006-04-18 12:47:09
Entry Point 0x0000170B
Number of sections 4
PE sections
PE imports
GetLastError
HeapFree
GetStdHandle
GetShortPathNameW
lstrcmpiA
GetExitCodeProcess
GetTickCount
TlsAlloc
GetLocalTime
GetLogicalDrives
GetConsoleTitleA
lstrcatW
SetFilePointer
GetModuleHandleA
GetStringTypeW
GetModuleHandleW
SetEnvironmentVariableA
SetPriorityClass
GetDriveTypeA
IsValidCodePage
HeapCreate
GetVersion
SetLastError
DllGetClassObject
HrLaunchConnection
DllCanUnloadNow
DllRegisterServer
Number of PE resources by type
RT_ICON 1
Struct(25) 1
RT_RCDATA 1
RT_GROUP_ICON 1
Number of PE resources by language
FRENCH BELGIAN 3
RUSSIAN 1
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2006:04:18 13:47:09+01:00
FileType Win32 EXE
PEType PE32
CodeSize 2048
LinkerVersion 2.25
FileTypeExtension exe
InitializedDataSize 512
SubsystemVersion 4.0
EntryPoint 0x170b
OSVersion 4.0
ImageVersion 0.0
UninitializedDataSize 0

File identification
MD5 7af6cd41836d1b9fe7834c3c1ce61bed
SHA1 3ff63ebd7b509ba7bbd292afa0a2ebd305ca982a
SHA256 34f66782c3e014a66c4600b3ff41d14ebd98a435c16d01feb5964b21364c13ae
ssdeep 3072:HKMWhm0Gmtc/LDFZfgOtDoLOCXc+mn/A0loyaRH:qMWhmyWL1KXAo0loHR
authentihash f1ea8c8ad8150586d9361583076ad2bb02e56150f71bd72459f172fcb69c7d52
imphash 1e6c6e2712378cebb2f48bc1b1247f4f
File size 113.0 KB ( 115712 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags peexe

VirusTotal metadata
First submission 2013-08-26 15:05:17 UTC ( 5 years, 9 months ago )
Last submission 2018-05-06 00:01:26 UTC ( 1 year ago )
File names UPS Invoice {DIGIT[8]}.exe
file-5883666_exe
7af6cd41836d1b9fe7834c3c1ce61bed.exe
Case_{_partorderb}.exe.txt
comendo-99
Case_{_partorderb}.exe
6a1573fdc2215742d3f919973fd1dae90cf973b3
UPS Invoice {DIGIT[8]}.exe-2013-08-27_00_25_02.txt
comendo-99-1377530102
Case_{_partorderb}.exe
vti-rescan
7af6cd41836d1b9fe7834c3c1ce61bed
7af6cd41836d1b9fe7834c3c1ce61bed_kaf
comendo-99-1377530103
comendo-99-1377530102
007884319
Advanced heuristic and reputation engines