SHA256: 3b26ef00b331085ada1a653f4a70aa2c65f75ad2a377cedc063a3637834aaa9d
File name: k1.exe
Detection ratio: 14 / 57
Analysis date: 2016-05-31 20:03:31 UTC ( 2 years, 10 months ago )
Antivirus Result Update
Avast Win32:Malware-gen 20160531
Avira (no cloud) TR/Crypt.ZPACK.apfh 20160531
Bkav HW32.Packed.FCDD 20160531
DrWeb Trojan.Siggen6.58358 20160531
ESET-NOD32 Win32/TrojanDownloader.Agent.CFH 20160531
Fortinet W32/Injector.CZFI!tr 20160531
Malwarebytes Trojan.Crypt 20160531
McAfee Artemis!E5804027E182 20160531
McAfee-GW-Edition BehavesLike.Win32.Backdoor.cc 20160531
Qihoo-360 HEUR/QVM20.1.Malware.Gen 20160531
Rising Malware.XPACK-HIE/Heur!1.9C48 20160531
Sophos AV Troj/Agent-ARYO 20160531
Symantec Trojan.Smoaler 20160531
Tencent Win32.Trojan-downloader.Agent.Akeq 20160531
Ad-Aware 20160531
AegisLab 20160531
AhnLab-V3 20160531
Alibaba 20160531
ALYac 20160531
Antiy-AVL 20160531
Arcabit 20160531
AVG 20160531
AVware 20160531
Baidu 20160530
Baidu-International 20160531
BitDefender 20160531
CAT-QuickHeal 20160531
ClamAV 20160531
CMC 20160530
Comodo 20160531
Cyren 20160531
Emsisoft 20160531
F-Prot 20160531
F-Secure 20160531
GData 20160531
Ikarus 20160531
Jiangmin 20160531
K7AntiVirus 20160531
K7GW 20160531
Kaspersky 20160531
Kingsoft 20160531
Microsoft 20160531
eScan 20160531
NANO-Antivirus 20160531
nProtect 20160531
Panda 20160531
SUPERAntiSpyware 20160531
TheHacker 20160530
TotalDefense 20160531
TrendMicro 20160531
TrendMicro-HouseCall 20160531
VBA32 20160531
VIPRE 20160531
ViRobot 20160531
Yandex 20160531
Zillya 20160531
Zoner 20160531
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-07-14 08:37:33
Entry Point 0x00019BB3
Number of sections 4
PE sections
PE imports
DhcpFreeMem
McastGenUID
McastApiStartup
DhcpEnumClasses
EapHostPeerFreeErrorMemory
EapHostPeerGetMethods
DefineDosDeviceW
FileTimeToSystemTime
GetDriveTypeA
GetVolumeNameForVolumeMountPointA
GetTickCount
WaitForSingleObjectEx
lstrlenW
GetACP
GetLocaleInfoA
GetFileSize
lstrcatA
CreateDirectoryA
GetProcAddress
lstrcpynW
CreateHardLinkA
GetModuleHandleA
CreateMutexW
FindNextFileA
GetSystemDirectoryA
MoveFileExA
CompareStringW
GetLogicalDriveStringsA
OpenEventW
InterlockedDecrement
MoveFileW
CreateFileA
GetVersion
Heap32First
WriteConsoleW
OpenJobObjectA
TraceSQLCancel
TraceSQLBindCol
WTSSetSessionInformationA
WTSEnumerateSessionsA
WTSQuerySessionInformationA
WTSQueryUserToken
WTSLogoffSession
WTSVirtualChannelRead
WTSOpenServerA
WTSVirtualChannelPurgeInput
WTSFreeMemory
WTSRegisterSessionNotification
WTSCloseServer
WTSSendMessageA
WTSVirtualChannelWrite
WTSEnumerateProcessesA
WTSWaitSystemEvent
WTSVirtualChannelOpen
WTSVirtualChannelQuery
Number of PE resources by type
RT_RCDATA 4
Number of PE resources by language
ENGLISH US 4
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2012:07:14 09:37:33+01:00
FileType Win32 EXE
PEType PE32
CodeSize 102912
LinkerVersion 6.0
EntryPoint 0x19bb3
InitializedDataSize 7168
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0

File identification
MD5 e5804027e18293a0389b0ca1351c86d9
SHA1 90b8f1c3394b602f2c9f636d9f6771e2d5584377
SHA256 3b26ef00b331085ada1a653f4a70aa2c65f75ad2a377cedc063a3637834aaa9d
ssdeep 1536:VTmgBu659pE83v4XxYFHwV5D8o96T7082SnqXMXfLMZL/QVbdTmgBu8TmgBu8Tm0:5brp93v4BI+KZ0tSnuaf2I7hh01m
authentihash 4b3e5ca4c51852d405f1917635a13ba7e42c60ac5524d52306d412267739f8ba
imphash 2b65e69f2bdc3a5648254d8d3ef47646
File size 108.5 KB ( 111104 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags peexe
VirusTotal metadata
First submission 2016-05-30 21:46:34 UTC ( 2 years, 10 months ago )
Last submission 2016-05-30 22:00:04 UTC ( 2 years, 10 months ago )
File names uBLKDHWzFiuAcxW.pif
k1.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications