× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 369579ed577d1fcb2cc66dac3fe5e7a5f07380b2fb876c17edc4f7078052e99d
File name: ac701ea71c64179a8786d1e663d1526d
Detection ratio: 16 / 54
Analysis date: 2016-02-15 18:01:59 UTC ( 3 years ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.3044736 20160215
Arcabit Trojan.Generic.D2E7580 20160215
Avira (no cloud) TR/Crypt.ZPACK.214919 20160215
BitDefender Trojan.GenericKD.3044736 20160215
Emsisoft Trojan.GenericKD.3044736 (B) 20160215
ESET-NOD32 Win32/Qadars.AO 20160215
F-Secure Trojan.GenericKD.3044736 20160215
Fortinet W32/Qadars.AO!tr 20160215
GData Trojan.GenericKD.3044736 20160215
Kaspersky UDS:DangerousObject.Multi.Generic 20160215
Microsoft Trojan:Win32/Qadars.A 20160215
eScan Trojan.GenericKD.3044736 20160215
Qihoo-360 QVM09.0.Malware.Gen 20160215
Rising PE:Malware.XPACK-HIE/Heur!1.9C48 [F] 20160215
Sophos AV Mal/Generic-S 20160215
VIPRE Trojan.Win32.Generic!BT 20160215
AegisLab 20160215
Yandex 20160213
AhnLab-V3 20160215
Alibaba 20160215
Antiy-AVL 20160215
Avast 20160215
AVG 20160215
Baidu-International 20160215
Bkav 20160215
ByteHero 20160215
CAT-QuickHeal 20160215
ClamAV 20160215
CMC 20160214
Comodo 20160215
Cyren 20160215
DrWeb 20160215
F-Prot 20160215
Ikarus 20160215
Jiangmin 20160215
K7AntiVirus 20160215
K7GW 20160215
Malwarebytes 20160215
McAfee 20160215
McAfee-GW-Edition 20160215
NANO-Antivirus 20160215
nProtect 20160215
Panda 20160215
SUPERAntiSpyware 20160215
Symantec 20160215
Tencent 20160215
TheHacker 20160215
TotalDefense 20160215
TrendMicro 20160215
TrendMicro-HouseCall 20160215
VBA32 20160215
ViRobot 20160215
Zillya 20160213
Zoner 20160215
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2006-07-05 12:49:34
Entry Point 0x0001C0B6
Number of sections 3
PE sections
PE imports
GetStdHandle
GetConsoleOutputCP
GetFileAttributesA
HeapDestroy
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
SetStdHandle
GetCPInfo
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
InitializeCriticalSection
LoadResource
TlsGetValue
SetLastError
GetSystemTime
GetEnvironmentVariableA
CopyFileA
HeapAlloc
GetVersionExA
GetModuleFileNameA
GetVolumeInformationA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetModuleHandleA
SetUnhandledExceptionFilter
TerminateProcess
WriteConsoleA
GetCurrentThreadId
LeaveCriticalSection
WriteConsoleW
HeapFree
EnterCriticalSection
SetHandleCount
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetDateFormatA
OpenProcess
GetWindowsDirectoryA
GetProcAddress
GetProcessHeap
WaitNamedPipeA
GetTempFileNameA
WaitForMultipleObjects
IsDebuggerPresent
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetLastError
LCMapStringW
FindFirstChangeNotificationA
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
GetShortPathNameA
SizeofResource
GetCurrentProcessId
WideCharToMultiByte
HeapSize
GetCommandLineA
InterlockedCompareExchange
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetEnvironmentStrings
HeapCreate
VirtualFree
Sleep
VirtualAlloc
InflateRect
IntersectRect
EndDeferWindowPos
GetDoubleClickTime
ExitWindowsEx
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2006:07:05 13:49:34+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
176128

LinkerVersion
8.0

FileTypeExtension
exe

InitializedDataSize
77824

SubsystemVersion
4.0

EntryPoint
0x1c0b6

OSVersion
4.0

ImageVersion
0.0

UninitializedDataSize
0

File identification
MD5 ac701ea71c64179a8786d1e663d1526d
SHA1 70de13f30423295b944d5aae078e79a843334129
SHA256 369579ed577d1fcb2cc66dac3fe5e7a5f07380b2fb876c17edc4f7078052e99d
ssdeep
3072:cDgs3jW8vVl9i46eUpwBBnexlwPkELOIf9SAzqigCTf0ji:cDpzttlZ6eUpwnilwPkYOI7qR

authentihash 57ab2393ca340370c34d40dba2910fd38fa3b3ceec9d8b410b936ee2c03766b8
imphash 5d1303a3e6378b7d880966334b39504e
File size 204.0 KB ( 208896 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe

VirusTotal metadata
First submission 2016-02-15 18:01:59 UTC ( 3 years ago )
Last submission 2016-02-15 18:01:59 UTC ( 3 years ago )
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
DNS requests
UDP communications