SHA256: 37ccb1fc8c465f9ff028c172c2a424af61fd72322c91f9fe4c410225dec2c10d
File name: b4387kfd(1).exe
Detection ratio: 2 / 54
Analysis date: 2016-01-13 13:15:36 UTC ( 3 years, 2 months ago )
Note: both hits are generic heuristic verdicts (Qihoo-360 HEUR/QVM, Rising Malware.Generic), so this scan names no malware family. The scan ran about 28 minutes after the compilation timestamp recorded in the PE header, so a low ratio is what a first submission of a freshly built sample normally shows; later rescans of the same hash can differ substantially.
Antivirus Result Update (a blank Result column means the engine returned no detection)
Qihoo-360 HEUR/QVM10.1.Malware.Gen 20160113
Rising PE:Malware.Generic(Thunder)!1.A1C4 [F] 20160113
Ad-Aware 20160113
AegisLab 20160113
Yandex 20160111
AhnLab-V3 20160113
Alibaba 20160113
ALYac 20160113
Antiy-AVL 20160113
Arcabit 20160113
Avast 20160113
AVG 20160113
AVware 20160111
Baidu-International 20160113
BitDefender 20160113
Bkav 20160112
ByteHero 20160113
CAT-QuickHeal 20160113
ClamAV 20160113
CMC 20160111
Comodo 20160113
Cyren 20160113
DrWeb 20160113
Emsisoft 20160113
ESET-NOD32 20160113
F-Prot 20160111
F-Secure 20160113
Fortinet 20160113
GData 20160113
Ikarus 20160113
Jiangmin 20160113
K7AntiVirus 20160113
K7GW 20160113
Kaspersky 20160113
Malwarebytes 20160113
McAfee 20160113
McAfee-GW-Edition 20160113
Microsoft 20160113
eScan 20160113
NANO-Antivirus 20160113
nProtect 20160113
Panda 20160112
Sophos AV 20160113
SUPERAntiSpyware 20160113
Symantec 20160112
Tencent 20160113
TheHacker 20160113
TrendMicro 20160113
TrendMicro-HouseCall 20160113
VBA32 20160112
VIPRE 20160113
ViRobot 20160113
Zillya 20160112
Zoner 20160113
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright Photomix Corporation
Product Account
Original name Account.exe
Internal name Account
File version 3.3.6.8
Description Coke Contrast Paradigm Potentiometers Charge Listserv
Comments Coke Contrast Paradigm Potentiometers Charge Listserv
Note: the Description and Comments fields are a string of unrelated dictionary words, which is characteristic of a machine-generated version resource rather than a vendor build; the version resource is attacker-controlled data and should not be used for attribution.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-01-13 12:47:10 (UTC)
Entry Point 0x000062AF
Number of sections 4
Note: the compilation timestamp is about 26 minutes before the first VirusTotal submission (13:13:01 UTC) and is consistent with the ExifTool TimeStamp below (13:47:10+01:00). The timestamp is a header field the builder controls, so it is evidence of a fresh build only when, as here, it agrees with the other timing data.
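The fields in this block come straight from the COFF and optional headers. The following added example (not VirusTotal's code) parses them with the Python standard library only. It is fed a constructed header-only blob that reproduces this report's values (i386, 4 sections, timestamp 2016-01-13 12:47:10 UTC, entry point 0x62AF, Windows GUI subsystem, characteristics 0x0103); the blob has no sections or code, so it is not a loadable file. The first-submission time is also taken from this report. Replace SAMPLE with open(path, "rb").read() to run it against a real sample.

```python
"""Parse the PE header fields VirusTotal summarises as "PE header basic information".

Added example, not VirusTotal's code.  SAMPLE is a constructed header-only blob
carrying this report's values; it is not a real or loadable executable.
"""
import struct
from datetime import datetime, timezone

MACHINES = {0x14C: "Intel 386 or later", 0x8664: "x64", 0x1C0: "ARM", 0xAA64: "ARM64"}
SUBSYSTEMS = {1: "Native", 2: "Windows GUI", 3: "Windows CUI"}
# IMAGE_FILE_* characteristic bits, named the way VirusTotal/ExifTool print them.
CHARACTERISTICS = {0x0001: "No relocs", 0x0002: "Executable", 0x0100: "32-bit",
                   0x0020: "Large address aware", 0x2000: "DLL"}


def parse_pe_header(data):
    """Return the header fields an analyst checks first when triaging a PE."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found at e_lfanew")
    coff = e_lfanew + 4
    machine, nsections, timestamp, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20                      # optional header follows the 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    entry_point = struct.unpack_from("<I", data, opt + 16)[0]   # AddressOfEntryPoint (RVA)
    subsystem = struct.unpack_from("<H", data, opt + 68)[0]     # same offset in PE32 and PE32+
    return {
        "machine": MACHINES.get(machine, hex(machine)),
        "pe_type": "PE32+" if magic == 0x20B else "PE32",
        "sections": nsections,
        "timestamp": datetime.fromtimestamp(timestamp, timezone.utc),
        "entry_point": entry_point,
        "subsystem": SUBSYSTEMS.get(subsystem, str(subsystem)),
        "characteristics": [name for bit, name in CHARACTERISTICS.items() if chars & bit],
    }


def compile_age_at(header, first_seen):
    """Time between the claimed compile timestamp and the first sighting.
    A negative value means a timestamp in the future, i.e. forged or clock-skewed."""
    return first_seen - header["timestamp"]


def build_sample_header():
    """Constructed header-only blob reproducing this report's values (not a real file)."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)          # e_lfanew: PE signature right after the DOS header
    coff = struct.pack("<HHIIIHH", 0x14C, 4, 1452689230, 0, 0, 224, 0x0103)
    opt = bytearray(224)                           # PE32 optional header size
    struct.pack_into("<H", opt, 0, 0x10B)          # PE32 magic
    struct.pack_into("<I", opt, 16, 0x62AF)        # AddressOfEntryPoint
    struct.pack_into("<H", opt, 68, 2)             # IMAGE_SUBSYSTEM_WINDOWS_GUI
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


SAMPLE = build_sample_header()
FIRST_SUBMISSION = datetime(2016, 1, 13, 13, 13, 1, tzinfo=timezone.utc)   # from this report

if __name__ == "__main__":
    hdr = parse_pe_header(SAMPLE)
    for key, value in hdr.items():
        print("%-16s %s" % (key, value))
    print("compiled %s before first submission" % compile_age_at(hdr, FIRST_SUBMISSION))
```

The characteristics list comes out as "No relocs, Executable, 32-bit", matching the ImageFileCharacteristics line ExifTool prints further down; the compile-to-submission gap for this sample is 25 minutes 51 seconds.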
PE sections
PE imports
(grouped by importing DLL; the DLL headings are inferred from the function names because the page's per-DLL headers were lost in extraction, and the CRT module name is an assumption based on linker version 9.0)
COMCTL32.dll
Ord(6)
Ord(17)
ImageList_ReplaceIcon
ImageList_Create
ImageList_Add
GDI32.dll
DeleteDC
SetBkMode
SelectObject
GetStockObject
CreateCompatibleBitmap
TextOutA
GdiFlush
GetTextMetricsA
CreateSolidBrush
BitBlt
SetBkColor
CreateDIBSection
CreateCompatibleDC
DeleteObject
Ellipse
SetTextColor
GLU32.dll
gluOrtho2D
KERNEL32.dll
VerLanguageNameA
GetLastError
FileTimeToSystemTime
lstrcmpiA
QueryPerformanceCounter
IsDebuggerPresent
GetTickCount
LoadLibraryA
CreateNamedPipeA
FreeEnvironmentStringsA
GetStartupInfoA
FileTimeToLocalFileTime
GetEnvironmentStrings
GetCurrentProcessId
UnhandledExceptionFilter
GetFileInformationByHandle
GetProcAddress
InterlockedCompareExchange
ExitProcess
GetOverlappedResult
GetModuleHandleA
GetFileAttributesA
InterlockedExchange
SetUnhandledExceptionFilter
lstrcpyA
GetCurrentProcess
CloseHandle
GetSystemTimeAsFileTime
TerminateProcess
GetConsoleWindow
Sleep
CreateFileA
HeapAlloc
GetCurrentThreadId
Note: IsDebuggerPresent, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetCurrentThreadId, GetSystemTimeAsFileTime, UnhandledExceptionFilter, SetUnhandledExceptionFilter, TerminateProcess and the two Interlocked* calls are the standard imports of the Visual C++ 9.0 executable start-up stub (security-cookie initialisation and the /GS failure handler), so on their own they are not evidence of anti-debugging. Imports that do reflect the program's own code include CreateNamedPipeA, LoadLibraryA/GetProcAddress, and the GetAsyncKeyState, Shell_NotifyIconA, SetupDi* and OpenGL calls listed below.
MSVCR90.dll (assumed)
__p__fmode
memset
strcat
__dllonexit
_controlfp_s
_invoke_watson
strlen
strncpy
_cexit
_itoa
??2@YAPAXI@Z
_lock
__p__commode
_onexit
_amsg_exit
exit
_XcptFilter
_encode_pointer
__setusermatherr
_initterm_e
_crt_debugger_hook
??_V@YAXPAX@Z
_acmdln
srand
_ismbblead
?terminate@@YAXXZ
_unlock
strrchr
_adjust_fdiv
memcpy
_time64
sprintf
_except_handler4_common
__getmainargs
calloc
_exit
cos
putchar
_decode_pointer
sin
strcpy
_configthreadlocale
_initterm
__set_app_type
OPENGL32.dll
glVertex2f
glClearColor
glViewport
glMatrixMode
glEnd
glBegin
glLoadIdentity
SETUPAPI.dll
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SHELL32.dll
SHGetFileInfoA
Shell_NotifyIconA
SHLWAPI.dll
StrToIntExA
USER32.dll
EndDeferWindowPos
GetForegroundWindow
UpdateWindow
BeginPaint
DefWindowProcW
PostQuitMessage
DefWindowProcA
SetWindowTextA
LoadBitmapA
GetCursorPos
SendDlgItemMessageA
BeginDeferWindowPos
SetScrollPos
SetScrollRange
AppendMenuA
GetWindowRect
DispatchMessageA
EndPaint
SetMenu
GetDialogBaseUnits
EnumChildWindows
MessageBoxA
GetWindowDC
TranslateMessage
SetTimer
GetSysColor
GetDC
RegisterClassExA
GetAsyncKeyState
DrawTextA
UpdateLayeredWindow
CreatePopupMenu
GetWindowLongA
ShowWindow
RegisterClassW
GetSystemMetrics
SendMessageA
GetDesktopWindow
GetClientRect
CreateWindowExA
GetDlgItem
DrawMenuBar
IsWindow
EnableMenuItem
RegisterClassA
wsprintfA
CreateMenu
LoadCursorA
LoadIconA
TrackPopupMenu
GetMessageA
FillRect
GetSysColorBrush
DeferWindowPos
LoadImageA
CreateWindowExW
ReleaseDC
GetWindowTextA
DestroyWindow
VERSION.dll
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
PE exports
Number of PE resources by type
RT_STRING 16
RT_MENU 11
RT_BITMAP 6
RT_ICON 3
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 39
PE resources
ExifTool file metadata
CodeSize 22528
SubsystemVersion 5.0
Comments Coke Contrast Paradigm Potentiometers Charge Listserv
Languages English
InitializedDataSize 160256
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 3.3.6.8
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Coke Contrast Paradigm Potentiometers Charge Listserv
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
LinkerVersion 9.0
PrivateBuild 3.3.6.8
EntryPoint 0x62af
OriginalFileName Account.exe
MIMEType application/octet-stream
LegalCopyright Copyright Photomix Corporation
FileVersion 3.3.6.8
TimeStamp 2016:01:13 13:47:10+01:00
FileType Win32 EXE
PEType PE32
InternalName Account
ProductVersion 3.3.6.8
UninitializedDataSize 0
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Photomix Corporation
LegalTrademarks Copyright Photomix Corporation
ProductName Account
ProductVersionNumber 3.3.6.8
FileTypeExtension exe
ObjectFileType Executable application
Note: ExifTool prints the PE timestamp in the local zone of the machine that ran it (UTC+1 here); it is the same instant as the compilation timestamp above. LinkerVersion 9.0 is the Visual Studio 2008 toolset, consistent with the MSVCR90-style CRT imports.
File identification
MD5 e47789e7bf6cb9214479c1a44d48226f
SHA1 c795df672a62fe3cea4140c2c479cfac3a623024
SHA256 37ccb1fc8c465f9ff028c172c2a424af61fd72322c91f9fe4c410225dec2c10d
ssdeep
3072:7gfvEQt+J4R29WFKqy89Ma6/SSroCWjwBFfWcqhNfR3d3bSwLzpkYYUYJDjaequW:MfsXF8bbZCWjw/Z+33Jwyu2WXuku8usU

authentihash 3e3a431f0b160e3a845b3c414f10a7e66da922838d3ec59e81e33b4568e7ffa2
imphash ed53b1a1f4144508ac45024e4f85fd89
File size 179.5 KB ( 183808 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID
Win64 Executable (generic) (45.0%)
Microsoft Visual C++ compiled executable (generic) (26.9%)
Win32 Dynamic Link Library (generic) (10.7%)
Win32 Executable (generic) (7.3%)
OS/2 Executable (generic) (3.3%)
Note: TrID matches byte-pattern signatures and its top guess here (Win64) contradicts the headers; the PE32 optional-header magic and the i386 machine field are authoritative, and the file is a 32-bit Win32 GUI executable.
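The imphash above is derived from the import table listed earlier: a fingerprint of which DLLs and symbols are imported, in link order. The following added example re-implements that algorithm in Python; it is not VirusTotal's or pefile's own code, but follows what pefile.PE.get_imphash() computes and VirusTotal displays. The ordinal table is an assumed small subset of the lists pefile ships (pefile resolves ordinals for ws2_32, wsock32 and oleaut32 only; every other DLL gets "ordN"), and REPORT_IMPORTS is a constructed slice of this report's import list whose DLL assignment is inferred, so its hash will not reproduce ed53b1a1f4144508ac45024e4f85fd89; reproducing that value needs the complete table in the file's own order.

```python
"""Import hash (imphash) as pefile/VirusTotal compute it.  Added example, not
VirusTotal's or pefile's code.

Rule: walk the import table in order; for every symbol emit
"<dll name minus .dll/.sys/.ocx>.<symbol>" lower-cased; unnamed imports become
"ordN" unless the DLL has a known ordinal table; join with commas; MD5 the string.
Because it depends only on names and order, two builds of the same source with
the same toolchain share an imphash even when their bytes differ.
"""
import hashlib

STRIP_EXTENSIONS = ("dll", "sys", "ocx")
# Partial ordinal table (assumption: a trimmed subset of pefile's ordlookup lists).
ORDINAL_NAMES = {
    "ws2_32.dll": {1: "accept", 2: "bind", 3: "closesocket", 4: "connect", 16: "recv",
                   19: "send", 23: "socket", 115: "WSAStartup", 116: "WSACleanup"},
}


def import_strings(imports):
    """imports: iterable of (dll, symbol); symbol is a str name or an int ordinal."""
    out = []
    for dll, symbol in imports:
        dll = dll.lower()
        parts = dll.rsplit(".", 1)
        lib = parts[0] if len(parts) == 2 and parts[1] in STRIP_EXTENSIONS else dll
        if isinstance(symbol, int):
            name = ORDINAL_NAMES.get(dll, {}).get(symbol, "ord%d" % symbol)
        else:
            name = symbol
        out.append("%s.%s" % (lib, name.lower()))
    return out


def imphash(imports):
    """Hex MD5 over the comma-joined import strings."""
    return hashlib.md5(",".join(import_strings(imports)).encode()).hexdigest()


# Constructed slice of this report's import table.  The DLL assignment is an
# assumption: the page lists function names only, the per-DLL headers were lost.
REPORT_IMPORTS = [
    ("COMCTL32.dll", 6), ("COMCTL32.dll", 17), ("COMCTL32.dll", "ImageList_ReplaceIcon"),
    ("GDI32.dll", "DeleteDC"), ("GDI32.dll", "SetBkMode"),
    ("KERNEL32.dll", "IsDebuggerPresent"), ("KERNEL32.dll", "CreateNamedPipeA"),
    ("MSVCR90.dll", "??2@YAPAXI@Z"), ("USER32.dll", "CreateWindowExA"),
    ("VERSION.dll", "VerQueryValueA"),
]

if __name__ == "__main__":
    print(",".join(import_strings(REPORT_IMPORTS)))
    print(imphash(REPORT_IMPORTS))
```

Two practical consequences follow from the rule: the hash is case-insensitive in both DLL and symbol names, so a hunting query should not be defeated by KERNEL32.DLL versus kernel32.dll, and it is order-sensitive, so a repacked sample whose stub imports the same symbols in a different sequence will not cluster with the original.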
Tags
peexe

VirusTotal metadata
First submission 2016-01-13 13:13:01 UTC ( 3 years, 2 months ago )
Last submission 2018-05-23 17:53:30 UTC ( 10 months ago )
File names
Account
pecologicalinitiatory.exe
37ccb1fc8c465f9ff028c172c2a424af61fd72322c91f9fe4c410225dec2c10d.bin
verdnd.exe
b4387kfd(1).exe
b4387kfd_1_.exe
Account.exe
6.exe
b4387kfd[1].exe.1704.dr
b4387kfd.exe
verdnd.txt
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
TCP connections
UDP communications