× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 3559378c933cdd434af2083f7535460843d2462033de74ec7c70dbe5f70124f5
File name: cloudcar.exe
Detection ratio: 14 / 47
Analysis date: 2013-06-09 21:09:51 UTC ( 4 years, 6 months ago ) View latest
Antivirus Result Update
AVG CLOUDCAR_Test 20130609
Commtouch W32/Trojan.WGXQ-1017 20130609
Comodo Application.Win32.CloudTest.s 20130609
Ikarus AMTSO-CLOUD-Test 20130609
Kaspersky UDS:DangerousObject.Multi.Generic 20130609
McAfee Cldcar-Test!3FB121FBBCCB 20130609
McAfee-GW-Edition Cldcar-Test!3FB121FBBCCB 20130609
Norman Suspicious_Gen4.DOEHT 20130609
Panda Trj/CI.A 20130609
Sophos AV Mal/Generic-S 20130609
Symantec WS.Reputation.1 20130609
TrendMicro AMTSO_TEST_CLOUDCAR 20130609
TrendMicro-HouseCall AMTSO_TEST_CLOUDCAR 20130609
VIPRE Trojan.Win32.Generic!BT 20130609
Yandex 20130609
AhnLab-V3 20130609
AntiVir 20130609
Antiy-AVL 20130609
Avast 20130609
BitDefender 20130609
ByteHero 20130606
CAT-QuickHeal 20130607
ClamAV 20130609
DrWeb 20130609
Emsisoft 20130609
eSafe 20130606
ESET-NOD32 20130609
F-Prot 20130609
F-Secure 20130609
Fortinet 20130609
GData 20130609
Jiangmin 20130609
K7AntiVirus 20130607
K7GW 20130607
Kingsoft 20130506
Malwarebytes 20130609
Microsoft 20130609
eScan 20130609
NANO-Antivirus 20130609
nProtect 20130609
PCTools 20130521
Rising 20130607
SUPERAntiSpyware 20130609
TheHacker 20130608
TotalDefense 20130607
VBA32 20130608
ViRobot 20130609
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-07-08 23:02:46
Entry Point 0x0000131E
Number of sections 5
PE sections
Overlays
MD5 c1d21e08ba69099724ee47a8331214ef
File type ASCII text
Offset 7168
Size 10
Entropy 3.32
PE imports
GetCurrentProcess
TerminateProcess
SetUnhandledExceptionFilter
GetCurrentProcessId
InterlockedExchange
QueryPerformanceCounter
UnhandledExceptionFilter
IsDebuggerPresent
GetTickCount
GetStartupInfoW
GetSystemTimeAsFileTime
Sleep
GetCurrentThreadId
InterlockedCompareExchange
__p__fmode
__wgetmainargs
__dllonexit
_controlfp_s
_invoke_watson
_cexit
?terminate@@YAXXZ
_lock
__p__commode
_onexit
exit
_XcptFilter
_encode_pointer
__setusermatherr
_initterm_e
_crt_debugger_hook
_wcmdln
_amsg_exit
_unlock
_adjust_fdiv
_except_handler4_common
_initterm
_decode_pointer
_configthreadlocale
_exit
__set_app_type
Number of PE resources by type
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2010:07:09 00:02:46+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
2560

LinkerVersion
9.0

EntryPoint
0x131e

InitializedDataSize
3584

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

File identification
MD5 3fb121fbbccb27969668cc36d0a8f15b
SHA1 f4053231135502b4e8ea2b4d2e32abefe3a08765
SHA256 3559378c933cdd434af2083f7535460843d2462033de74ec7c70dbe5f70124f5
ssdeep
96:syZSyUunB5EKzUQdIkD3OZnF++bzimbuFJJSI+fquyC7tCE/kfYhm:cyUwBc39ZnF+43uFJJROquPA

authentihash 35a2f1c5b6a7f1f84eb1fb7ec2aeec46a22180cee5d40b9c13147f50b73d5221
imphash 93628d0e9a3686ed3ce77abdbb0c800c
File size 7.0 KB ( 7178 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.4%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags
peexe overlay

VirusTotal metadata
First submission 2011-08-17 11:27:55 UTC ( 6 years, 4 months ago )
Last submission 2017-12-14 22:55:15 UTC ( 2 days, 3 hours ago )
File names cloudcar.exe
test.exe
cloudcar.exe
cloudcar.exe.orig
vti-rescan
Cloudcar Test not-a-Virus - cloudcar.exe
CLOUDCAR[1].EXE.CRYPTED.infected
cloudcar(4).exe
{EC9F091E-A662-4324-92BA-B7D6654E6313}
file-5490209_exe
Unconfirmed 939224.crdownload
cloudcar.exe
filename
Unconfirmed 178031.crdownload
3559378c933cdd434af2083f7535460843d2462033de74ec7c70dbe5f70124f5.bin
output.11312677.txt
cloudcar (2).exe
trzD3D2.tmp
vt-upload-_IaNw
cloudcar (1).exe
cloudcar7d4.exe
cloudcar(1).exe
cloudcar (1).exe
cloudcar.exe
c
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!