× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 366b4df087a0ab2aed7040fd6accac45dc6e1befc2c94d73b316f758c53e2aef
File name: cumshot.png
Detection ratio: 9 / 56
Analysis date: 2017-01-19 13:20:42 UTC ( 2 years, 3 months ago ) View latest
Antivirus Result Update
AegisLab Uds.Dangerousobject.Multi!c 20170119
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9972 20170119
Comodo Heur.Packed.Unknown 20170118
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20161024
ESET-NOD32 a variant of Win32/Kryptik.FNEF 20170119
Sophos ML backdoor.win32.drixed.m 20170111
Kaspersky UDS:DangerousObject.Multi.Generic 20170119
Qihoo-360 HEUR/QVM20.1.0000.Malware.Gen 20170119
Symantec ML.Attribute.VeryHighConfidence [Heur.AdvML.B] 20170118
Ad-Aware 20170119
AhnLab-V3 20170119
Alibaba 20170119
ALYac 20170119
Antiy-AVL 20170119
Arcabit 20170119
Avast 20170119
AVG 20170119
Avira (no cloud) 20170119
AVware 20170119
BitDefender 20170119
CAT-QuickHeal 20170119
ClamAV 20170119
CMC 20170119
Cyren 20170119
DrWeb 20170119
Emsisoft 20170119
F-Prot 20170119
F-Secure 20170119
Fortinet 20170119
GData 20170119
Ikarus 20170119
Jiangmin 20170119
K7AntiVirus 20170119
K7GW 20170119
Kingsoft 20170119
Malwarebytes 20170119
McAfee 20170119
McAfee-GW-Edition 20170118
Microsoft 20170119
eScan 20170119
NANO-Antivirus 20170119
nProtect 20170119
Panda 20170118
Rising 20170119
Sophos AV 20170119
SUPERAntiSpyware 20170119
Tencent 20170119
TheHacker 20170117
TotalDefense 20170119
TrendMicro 20170119
TrendMicro-HouseCall 20170119
Trustlook 20170119
VBA32 20170118
VIPRE 20170119
ViRobot 20170119
WhiteArmor 20170119
Yandex 20170118
Zillya 20170117
Zoner 20170118
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Ghbsg Corporation. All rights reserved.

Product Microsoft® Windows® Operating System
Original name COMUID.DLL
Internal name COMUID.DLL
File version 2001.12.10530.17415 (winblue_r4.141028-1500)
Description COM+ Explorer UI
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-01-18 17:17:19
Entry Point 0x0000C1D0
Number of sections 9
PE sections
PE imports
CertEnumCertificateContextProperties
CryptEnumOIDInfo
CryptMsgGetParam
PFXExportCertStore
WaitCommEvent
GetNativeSystemInfo
GetComputerNameW
GetCommandLineW
ConvertDefaultLocale
LoadLibraryA
GetModuleHandleW
DsReplicaSyncA
_snwprintf
PdhGetCounterInfoA
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2001.12.10530.17415

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
112128

EntryPoint
0xc1d0

OriginalFileName
COMUID.DLL

MIMEType
application/octet-stream

LegalCopyright
Ghbsg Corporation. All rights reserved.

FileVersion
2001.12.10530.17415 (winblue_r4.141028-1500)

TimeStamp
2017:01:18 18:17:19+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
COMUID.DLL

ProductVersion
6.3.9601.17415

FileDescription
COM+ Explorer UI

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Ghbsg Corporation

CodeSize
46080

ProductName
Microsoft Windows Operating System

ProductVersionNumber
6.3.9600.17415

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 aea48ee4aa6f4b44bde2ee2f44dfb95e
SHA1 f026f18e9529243d6a192e600f9103903f5bbaa8
SHA256 366b4df087a0ab2aed7040fd6accac45dc6e1befc2c94d73b316f758c53e2aef
ssdeep
3072:+hHJNqTmtara5tla1/FADwDIMmNUrct8Mhy92zs:6GLraJa9OgIMsDyr

authentihash 22bd04c87fd9f88b377d3f1e46cb855aa0848e8f0f0a3976dc2e52ba88d84891
imphash 1ec0ba68c8154627ddd39c690c7a594f
File size 139.3 KB ( 142628 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (35.8%)
OS/2 Executable (generic) (16.1%)
Clipper DOS Executable (16.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.8%)
Tags
peexe

VirusTotal metadata
First submission 2017-01-19 12:00:04 UTC ( 2 years, 3 months ago )
Last submission 2017-01-23 09:53:15 UTC ( 2 years, 3 months ago )
File names 366b4df087a0ab2aed7040fd6accac45dc6e1befc2c94d73b316f758c53e2aef.bin
hulas.exe
cumshot.png
COMUID.DLL
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Runtime DLLs
UDP communications