SHA256: 396fdc4f0b7f84aa7709134b47d1f2cec47755ac9eaba263d1d7f9f284332d90
File name: pcdiyzlonn.exe
Detection ratio: 18 / 42
Analysis date: 2012-08-25 03:55:59 UTC ( 6 years, 3 months ago )
Antivirus Result Update
Avast Win32:Malware-gen 20120824
Commtouch W32/Agent.EW.gen!Eldorado 20120824
Comodo Worm.Win32.Dropper.RA 20120825
Emsisoft Worm.Win32.Nuj.A!IK 20120825
ESET-NOD32 a variant of Win32/FlyStudio 20120824
F-Prot W32/Agent.EW.gen!Eldorado 20120824
F-Secure Trojan:W32/DelfInject.R 20120825
Fortinet W32/Flystudio 20120825
GData Win32:Malware-gen 20120825
Ikarus Worm.Win32.Nuj.A 20120824
K7AntiVirus Riskware 20120824
McAfee Artemis!AB879D8C10F1 20120825
McAfee-GW-Edition Artemis!AB879D8C10F1 20120825
Norman W32/Troj_Generic.CIHSM 20120824
Panda Generic Trojan 20120824
SUPERAntiSpyware Trojan.Agent/Gen-OnlineGames 20120825
TrendMicro-HouseCall TROJ_GEN.F47V0727 20120825
VIPRE Trojan.Win32.Generic!BT 20120825
AhnLab-V3 20120824
AntiVir 20120824
Antiy-AVL 20120824
AVG 20120825
BitDefender 20120825
ByteHero 20120817
CAT-QuickHeal 20120824
ClamAV 20120825
DrWeb 20120825
eSafe 20120823
Jiangmin 20120825
Kaspersky 20120825
Microsoft 20120825
nProtect 20120824
PCTools 20120825
Rising 20120824
Sophos AV 20120825
Symantec 20120825
TheHacker 20120824
TotalDefense 20120824
TrendMicro 20120825
VBA32 20120824
ViRobot 20120825
VirusBuster 20120824
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
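Copyright 作者版权所有 请尊重并使用正版 (Copyright held by the author; please respect and use the genuine version)
Product 渠道销售平台 (Channel sales platform)
File version 1.0.0.0
Description 广州子龙资讯有限公司 (Guangzhou Zilong Information Co., Ltd.)
Comments 本程序使用易语言编写(http://www.eyuyan.com) (This program is written in Easy Programming Language, 易语言)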
Packers identified
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-06-06 08:03:14
Entry Point 0x000B9DF3
Number of sections 4
PE sections
PE imports
RegQueryValueA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
AVIStreamGetFrame
AVIStreamInfoA
ImageList_Read
ImageList_GetImageCount
ImageList_Duplicate
ImageList_Destroy
_TrackMouseEvent
ImageList_SetBkColor
ImageList_Draw
ImageList_GetImageInfo
ImageList_DrawIndirect
ImageList_Create
Ord(17)
ImageList_GetIcon
ImageList_AddMasked
SetMapMode
GetWindowOrgEx
GetTextMetricsA
PathToRegion
GetROP2
GetViewportOrgEx
SetPixel
EndDoc
CreateEllipticRgn
CreatePalette
CreateDIBitmap
GetPolyFillMode
GetDIBits
StretchBlt
ScaleViewportExtEx
SetWindowExtEx
SetViewportExtEx
SetBkColor
GetBkColor
MoveToEx
CombineRgn
GetSystemPaletteEntries
OffsetRgn
TextOutA
CreateFontIndirectA
CreateRectRgnIndirect
EndPath
GetPixel
ExcludeClipRect
OffsetViewportOrgEx
SetBkMode
BitBlt
GetDeviceCaps
FillRgn
FrameRgn
CreateBrushIndirect
ScaleWindowExtEx
PtVisible
ExtSelectClipRgn
SelectPalette
SetROP2
EndPage
GetTextColor
SetPixelV
BeginPath
DeleteObject
CreatePenIndirect
GetWindowExtEx
PatBlt
CreatePen
GetClipBox
Rectangle
GetObjectA
CreateDCA
LineTo
DeleteDC
GetMapMode
StartPage
RealizePalette
CreatePatternBrush
SetDIBitsToDevice
RectVisible
GetStockObject
ExtTextOutA
SelectClipRgn
RoundRect
GetTextExtentPoint32A
SetWindowOrgEx
SelectObject
GetViewportExtEx
LPtoDP
CreatePolygonRgn
GetBkMode
SaveDC
RestoreDC
GetStretchBltMode
CreateBitmap
CreateDIBSection
SetTextColor
GetCurrentObject
Escape
SetViewportOrgEx
CreateRoundRectRgn
CreateCompatibleDC
SetStretchBltMode
CreateRectRgn
GetClipRgn
StartDocA
SetPolyFillMode
CreateCompatibleBitmap
CreateSolidBrush
DPtoLP
Ellipse
GetStdHandle
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
HeapDestroy
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
LocalAlloc
lstrcatA
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetFileTime
GetCPInfo
GetProcAddress
GetStringTypeA
GetProcessVersion
InterlockedExchange
WriteFile
HeapReAlloc
GetStringTypeW
GetFullPathNameA
SetEvent
LocalFree
ResumeThread
GetEnvironmentVariableA
LoadResource
GlobalHandle
FindClose
InterlockedDecrement
FormatMessageA
SetLastError
GetSystemTime
InitializeCriticalSection
Beep
GlobalFindAtomA
ExitProcess
GetVersionExA
GetModuleFileNameA
GetVolumeInformationA
LoadLibraryExA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetModuleHandleA
CreateSemaphoreA
CreateThread
GlobalAddAtomA
SetUnhandledExceptionFilter
MulDiv
SetEnvironmentVariableA
TerminateProcess
GlobalAlloc
SetEndOfFile
GetVersion
InterlockedIncrement
SetCurrentDirectoryA
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
lstrcmpiA
GetOEMCP
GetTickCount
IsBadWritePtr
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
FreeLibrary
GlobalSize
GetStartupInfoA
UnlockFile
GetFileSize
LCMapStringW
GetWindowsDirectoryA
WaitForMultipleObjects
GetProcessHeap
CompareStringW
GlobalReAlloc
lstrcmpA
FindFirstFileA
lstrcpyA
GetProfileStringA
CompareStringA
FindNextFileA
DuplicateHandle
GlobalLock
GetTimeZoneInformation
CreateEventA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
LocalReAlloc
GlobalDeleteAtom
lstrlenA
GlobalFree
LCMapStringA
GlobalGetAtomNameA
GetThreadLocale
GetEnvironmentStringsW
GlobalUnlock
LockFile
lstrlenW
WinExec
FileTimeToLocalFileTime
GetEnvironmentStrings
WritePrivateProfileStringA
LockResource
WideCharToMultiByte
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
ReleaseSemaphore
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
lstrcpynA
GetACP
GetCurrentThreadId
CreateProcessA
HeapCreate
VirtualFree
Sleep
IsBadReadPtr
IsBadCodePtr
FindResourceA
VirtualAlloc
GradientFill
DrawDibDraw
SysStringLen
VariantChangeType
SysAllocString
SafeArrayCreate
VariantCopy
SafeArrayGetElemsize
VariantInit
SafeArrayAccessData
SafeArrayGetLBound
UnRegisterTypeLib
SafeArrayUnaccessData
SafeArrayGetUBound
LoadTypeLib
SysFreeString
SysAllocStringByteLen
OleCreateFontIndirect
VarBstrFromCy
VariantTimeToSystemTime
RegisterTypeLib
SysAllocStringLen
VariantClear
GetErrorInfo
SafeArrayGetDim
RasGetConnectStatusA
RasHangUpA
ShellExecuteA
Shell_NotifyIconA
SetFocus
GetForegroundWindow
SetWindowRgn
RedrawWindow
SetMenuItemBitmaps
DrawStateA
SetRectEmpty
DestroyMenu
PostQuitMessage
GetMessagePos
LoadBitmapA
SetWindowPos
SetScrollPos
IsWindow
SetTimer
DispatchMessageA
EndPaint
ScrollWindowEx
GetWindowLongA
GrayStringA
WindowFromPoint
GetMessageTime
CallNextHookEx
SetActiveWindow
GetMenuItemID
GetCursorPos
MapDialogRect
GetDlgCtrlID
GetClassInfoA
GetMenu
UnregisterClassA
SendMessageA
GetClientRect
SetWindowContextHelpId
GetNextDlgTabItem
LoadIconA
GetWindowTextLengthA
CopyAcceleratorTableA
GetActiveWindow
OpenClipboard
LoadImageA
GetMenuStringA
GetWindowTextA
DestroyWindow
DrawEdge
GetParent
UpdateWindow
SetPropA
VkKeyScanExA
ShowWindow
GetPropA
GetNextDlgGroupItem
GetMenuState
GetTabbedTextExtentA
EnableWindow
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
CharUpperA
GetIconInfo
LoadStringA
SetParent
SetClipboardData
IsZoomed
GetWindowPlacement
EnableMenuItem
RegisterClassA
TabbedTextOutA
DrawFocusRect
CreateMenu
GetKeyboardLayout
FillRect
CopyRect
WaitForInputIdle
GetSysColorBrush
EqualRect
ReleaseDC
CreateAcceleratorTableA
IsChild
IsDialogMessageA
MapWindowPoints
GetMessageA
PostMessageA
BeginPaint
OffsetRect
GetScrollPos
CopyIcon
keybd_event
KillTimer
CharNextA
RegisterWindowMessageA
DefWindowProcA
GetClipboardData
SendDlgItemMessageA
GetSystemMetrics
IsIconic
SetScrollRange
GetWindowRect
InflateRect
SetCapture
ReleaseCapture
EnumChildWindows
IntersectRect
SetWindowLongA
IsRectEmpty
RemovePropA
CreatePopupMenu
CheckMenuItem
ChildWindowFromPointEx
GetSubMenu
GetLastActivePopup
PtInRect
DrawIconEx
CreateWindowExA
GetDlgItem
GetMenuCheckMarkDimensions
ClientToScreen
GetClassLongA
GetCapture
FindWindowExA
LoadCursorA
EnumDisplaySettingsA
TrackPopupMenu
SetWindowsHookExA
GetMenuItemCount
DestroyAcceleratorTable
CreateIconFromResourceEx
CreateIconFromResource
GetSystemMenu
GetDC
SetForegroundWindow
PostThreadMessageA
WindowFromDC
EmptyClipboard
DrawTextA
GetScrollRange
EndDialog
CreateIconIndirect
CreateDialogIndirectParamA
ScreenToClient
SetWindowTextA
MessageBeep
AppendMenuA
DrawFrameControl
UnhookWindowsHookEx
RegisterClipboardFormatA
MoveWindow
MessageBoxA
GetClassNameA
GetWindowDC
DestroyCursor
AdjustWindowRectEx
GetSysColor
GetKeyState
SystemParametersInfoA
DestroyIcon
GetTopWindow
IsWindowVisible
GetDesktopWindow
SetCursorPos
WinHelpA
FrameRect
SetRect
DeleteMenu
InvalidateRect
wsprintfA
TranslateAcceleratorA
ValidateRect
CallWindowProcA
GetCursor
GetFocus
CloseClipboard
ModifyMenuA
SetMenu
SetCursor
HttpSendRequestA
InternetOpenUrlA
InternetSetOptionA
HttpOpenRequestA
InternetReadFile
InternetCanonicalizeUrlA
InternetCloseHandle
InternetOpenA
InternetConnectA
InternetGetConnectedState
HttpQueryInfoA
InternetCrackUrlA
waveOutReset
waveOutOpen
midiStreamProperty
waveOutClose
midiStreamRestart
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutPause
waveOutGetNumDevs
midiStreamOpen
PlaySoundA
midiStreamOut
midiStreamStop
waveOutWrite
midiOutPrepareHeader
midiOutUnprepareHeader
midiStreamClose
midiOutReset
OpenPrinterA
DocumentPropertiesA
ClosePrinter
WSAStartup
recv
accept
WSAAsyncSelect
recvfrom
ioctlsocket
send
getpeername
WSACleanup
closesocket
inet_ntoa
select
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
ChooseFontA
ChooseColorA
OleUninitialize
CoCreateInstance
OleInitialize
CoRevokeClassObject
OleFlushClipboard
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoFreeUnusedLibraries
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
OleRun
OleIsCurrentClipboard
StgCreateDocfileOnILockBytes
CoTaskMemFree
CreateILockBytesOnHGlobal
CoTaskMemAlloc
Number of PE resources by type
RT_BITMAP 27
RT_DIALOG 12
RT_STRING 11
RT_CURSOR 9
RT_GROUP_CURSOR 8
RT_ICON 3
TEXTINCLUDE 3
RT_GROUP_ICON 3
RT_MENU 2
WAVE 1
RT_VERSION 1
Number of PE resources by language
CHINESE SIMPLIFIED 72
ITALIAN 6
NEUTRAL 2
PE resources
ExifTool file metadata
UninitializedDataSize 0
Comments (http://www.eyuyan.com)
InitializedDataSize 5296128
ImageVersion 0.0
FileVersionNumber 1.0.0.0
LanguageCode Chinese (Simplified)
FileFlagsMask 0x0000
CharacterSet Unicode
LinkerVersion 6.0
FileTypeExtension exe
MIMEType application/octet-stream
FileVersion 1.0.0.0
TimeStamp 2012:06:06 09:03:14+01:00
FileType Win32 EXE
PEType PE32
ProductVersion 1.0.0.0
SubsystemVersion 4.0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 929792
FileSubtype 0
ProductVersionNumber 1.0.0.0
EntryPoint 0xb9df3
ObjectFileType Executable application

Compressed bundles
File identification
MD5 ab879d8c10f15d53e19ca6f862e4a9e0
SHA1 2875ac93a77fd6112742122d6b451af551be107d
SHA256 396fdc4f0b7f84aa7709134b47d1f2cec47755ac9eaba263d1d7f9f284332d90
ssdeep 49152:HQw/OlLYRW43Hl3WW+ZvBlxqDJgi6n1lM4/ZI3aV7:ww/QYR73F3WdRqDR3O

authentihash 875d027264db1ff49fa68efe3e6f013b2ddcd5e6bfd52741d56e842048447b3c
imphash e75840bd0fcc1c658963cc4e7db88693
File size 5.9 MB ( 6230016 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (24.0%)
Win64 Executable (generic) (21.3%)
UPX compressed Win32 Executable (20.8%)
Win32 EXE Yoda's Crypter (20.5%)
Win32 Dynamic Link Library (generic) (5.0%)
Tags peexe armadillo

VirusTotal metadata
First submission 2012-06-13 18:52:54 UTC ( 6 years, 6 months ago )
Last submission 2017-06-01 09:21:14 UTC ( 1 year, 6 months ago )
File names AB879D8C10F15D53E19CA6F862E4A9E0.bin
pcdiyzlonn.exe
output.1668193.txt
pcdiyzlonn.exe
396fdc4f0b7f84aa7709134b47d1f2cec47755ac9eaba263d1d7f9f284332d90
pcdiyzlonn.exe
output.1685932.txt
1685932
QR53.xltm
ab879d8c10f15d53e19ca6f862e4a9e0
1668193
5FKnBuU.html
0001223801.pcdiyzlonn.ab879d8c10f15d53e19ca6f862e4a9e0.exe
test.txt
aa
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight