× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 34f91afeaa3ef90044aefa4c9ee66cf2f0355c8707fa197ac1f2d9ac1cdb7c63
File name: 4c0b70f5d6e15ed1c74f6ba005ccce36
Detection ratio: 12 / 55
Analysis date: 2014-09-19 08:10:58 UTC ( 2 years, 6 months ago )
Antivirus Result Update
AhnLab-V3 Spyware/Win32.Zbot 20140918
Antiy-AVL Trojan[Spy]/Win32.Zbot 20140919
Avast Win32:Malware-gen 20140919
AVG Zbot.OCB 20140919
ESET-NOD32 Win32/Spy.Zbot.YW 20140919
Kaspersky Trojan-Spy.Win32.Zbot.udwi 20140919
Malwarebytes Trojan.Agent.ED 20140919
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.dc 20140919
Microsoft PWS:Win32/Zbot 20140919
Panda Trj/Chgt.G 20140918
Qihoo-360 Win32/Trojan.Multi.daf 20140919
Rising PE:Malware.XPACK-HIE/Heur!1.9C48 20140918
Ad-Aware 20140919
AegisLab 20140919
Yandex 20140918
Avira (no cloud) 20140919
AVware 20140919
Baidu-International 20140919
BitDefender 20140919
Bkav 20140918
ByteHero 20140919
CAT-QuickHeal 20140919
ClamAV 20140918
CMC 20140918
Comodo 20140919
Cyren 20140919
DrWeb 20140919
Emsisoft 20140919
F-Prot 20140919
F-Secure 20140919
Fortinet 20140919
GData 20140919
Ikarus 20140919
Jiangmin 20140918
K7AntiVirus 20140918
K7GW 20140918
Kingsoft 20140919
McAfee 20140919
eScan 20140919
NANO-Antivirus 20140919
Norman 20140919
nProtect 20140918
Sophos 20140919
SUPERAntiSpyware 20140919
Symantec 20140919
Tencent 20140919
TheHacker 20140917
TotalDefense 20140918
TrendMicro 20140919
TrendMicro-HouseCall 20140919
VBA32 20140918
VIPRE 20140919
ViRobot 20140919
Zillya 20140919
Zoner 20140919
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
FileVersionInfo properties
Copyright
Copyright (c) EZB Systems, Inc.

Publisher EZB Systems, Inc.
Product UltraISO Premium
Original name ultraiso.exe
Internal name UltraISO
File version 9.5.3.3
Description UltraISO Premium
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-09-17 07:38:14
Entry Point 0x000048BA
Number of sections 4
PE sections
Number of PE resources by type
RT_DIALOG 3
RT_ICON 2
Struct(240) 1
RT_MANIFEST 1
RT_MENU 1
RT_ACCELERATOR 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 10
RUSSIAN 1
PE resources
File identification
MD5 4c0b70f5d6e15ed1c74f6ba005ccce36
SHA1 d9d17eebc38f1573dc725279db3e9c0fb06d7818
SHA256 34f91afeaa3ef90044aefa4c9ee66cf2f0355c8707fa197ac1f2d9ac1cdb7c63
ssdeep
6144:cQTRQ+in2AVj3rHw/uXBnyoC/NjNBHAHiaTaYRrr4X+CAzb9hWP:I2Wj3rls1BVA1TaYRXUQ3a

authentihash abf70b883b7513804fd5fff7f5d33d5384a3205bc71d7d753ef16e2305455a88
imphash 34997d31c3d788888bbcf8ea44ca0a3c
File size 299.0 KB ( 306176 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe

VirusTotal metadata
First submission 2014-09-19 08:10:58 UTC ( 2 years, 6 months ago )
Last submission 2014-09-19 08:10:58 UTC ( 2 years, 6 months ago )
File names 34f91afeaa3ef90044aefa4c9ee66cf2f0355c8707fa197ac1f2d9ac1cdb7c63.exe
UltraISO
ultraiso.exe
4c0b70f5d6e15ed1c74f6ba005ccce36
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!