× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 389ed69397b7e7255f55bb7b12c343dab42845bff0639b9d8b33d97199cebc4d
File name: 33753970f0f0da6a89060013606322f6.bin
Detection ratio: 42 / 45
Analysis date: 2013-07-20 15:57:25 UTC ( 4 years, 12 months ago )
Antivirus Result Update
Yandex Worm.Koobface!sUAmSe8oc1k 20130719
AntiVir TR/Dldr.Agent.wtc 20130720
Avast Win32:MalOb-FE [Cryp] 20130720
AVG Cryptic.T 20130720
BitDefender Win32.Worm.Koobface.AON 20130720
CAT-QuickHeal Win32.Worm.Koobface.gen!D.4 20130720
ClamAV Worm.Koobface-273 20130720
Commtouch W32/Koobface.J.gen!Eldorado 20130720
Comodo NetWorm.Win32.Koobface.~R 20130720
DrWeb Trojan.Packed.19706 20130720
Emsisoft Win32.Worm.Koobface.AON (B) 20130720
eSafe Win32.TrojanHorse 20130717
ESET-NOD32 Win32/Koobface.NCK 20130720
F-Prot W32/Worm.BKUV 20130720
Fortinet W32/Kryptik.L!worm 20130720
GData Win32.Worm.Koobface.AON 20130720
Ikarus Trojan.Crypt 20130720
Jiangmin Worm/Koobface.alc 20130720
K7AntiVirus NetWorm 20130720
K7GW NetWorm 20130720
Kaspersky Net-Worm.Win32.Koobface.eyx 20130720
Kingsoft Worm.Koobface.(kcloud) 20130718
Malwarebytes Worm.KoobFace 20130720
McAfee W32/Koobface.worm.gen.ah 20130720
McAfee-GW-Edition W32/Koobface.worm.gen.ah 20130720
Microsoft Worm:Win32/Koobface.gen!D 20130720
NANO-Antivirus Trojan.Win32.Koobface.mcgk 20130720
Norman Koobface.FMW 20130720
nProtect Worm/W32.Koobface.42496.F 20130720
Panda W32/Koobface.IN.worm 20130720
PCTools Net-Worm.Koobface 20130720
Rising Worm.Win32.Koobface.jk 20130719
Sophos AV Mal/FakeSpy-A 20130720
SUPERAntiSpyware Trojan.Agent/Gen-Koobface[CTS] 20130720
Symantec W32.Koobface 20130720
TheHacker Trojan/Koobface.nck 20130720
TotalDefense Win32/Koobface.B!generic 20130719
TrendMicro WORM_KUBFACE.SMF 20130720
TrendMicro-HouseCall WORM_KUBFACE.SMF 20130720
VBA32 Malware-Cryptor.Win32.General.4.1 20130719
VIPRE Worm.Win32.Koobface.Gen.3 (v) 20130720
ViRobot Worm.Win32.Net-Koobface.42496.C 20130720
AhnLab-V3 20130720
Antiy-AVL 20130720
ByteHero 20130613
eScan 20130720
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (c) Creative Technology Ltd., 2003-2007. All rights reserved.

Publisher Creative Technology Ltd.
Product CTSURun
Version 1.0.0.0
Original name CTSURun.exe
Internal name CTSURun
File version 1.0.3.0
Description CTSURun
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2005-05-11 09:42:10
Entry Point 0x00001035
Number of sections 4
PE sections
PE imports
LoadLibraryA
ExitProcess
GetProcAddress
ImageList_Add
SaveDC
IsEqualGUID
VerQueryValueA
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 3
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2005:05:11 10:42:10+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
6656

LinkerVersion
5.13

EntryPoint
0x1035

InitializedDataSize
6656

SubsystemVersion
4.0

ImageVersion
5.1

OSVersion
4.0

UninitializedDataSize
26112

File identification
MD5 33753970f0f0da6a89060013606322f6
SHA1 ce35c0f0fdd3b4b559fcc22c8a83faec635bbca1
SHA256 389ed69397b7e7255f55bb7b12c343dab42845bff0639b9d8b33d97199cebc4d
ssdeep
768:HNy5BV98YIWCMMBpREUsMrf7hGOTovdElib3KOoEk:HNGBVB0RBbdGOmdElib3KU

File size 41.5 KB ( 42496 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe

VirusTotal metadata
First submission 2012-05-26 12:35:08 UTC ( 6 years, 1 month ago )
Last submission 2013-07-20 15:57:25 UTC ( 4 years, 12 months ago )
File names CTSURun
33753970f0f0da6a89060013606322f6.bin
CTSURun.exe
33753970f0f0da6a89060013606322f6
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!