SHA256: 3df14de68a8d4e9a74ebd778aa4bc299bd7e282a89a709b5b427d13662f4593b
File name: apcwotyp.exe
Detection ratio: 10 / 56
Analysis date: 2016-08-23 22:56:03 UTC ( 2 years, 6 months ago )
Antivirus Result Update
Antiy-AVL Trojan[Backdoor]/Win32.Androm 20160823
AVware Trojan.Win32.Generic.pak!cobra 20160823
Baidu Win32.Trojan.Kryptik.alb 20160823
Cyren W32/Cerber.F.gen!Eldorado 20160823
DrWeb Trojan.PWS.Siggen1.56083 20160823
F-Prot W32/Cerber.F.gen!Eldorado 20160823
Kaspersky UDS:DangerousObject.Multi.Generic 20160823
Qihoo-360 HEUR/QVM20.1.0000.Malware.Gen 20160823
Rising Malware.XPACK-HIE/Heur!1.9C48 20160823
VIPRE Trojan.Win32.Generic.pak!cobra 20160823
Ad-Aware 20160823
AegisLab 20160823
AhnLab-V3 20160823
Alibaba 20160823
ALYac 20160823
Arcabit 20160823
Avast 20160823
AVG 20160823
Avira (no cloud) 20160823
BitDefender 20160823
Bkav 20160823
CAT-QuickHeal 20160823
ClamAV 20160823
CMC 20160822
Comodo 20160823
Emsisoft 20160823
ESET-NOD32 20160823
F-Secure 20160823
Fortinet 20160823
GData 20160823
Ikarus 20160823
Jiangmin 20160823
K7AntiVirus 20160823
K7GW 20160823
Kingsoft 20160823
Malwarebytes 20160823
McAfee 20160823
McAfee-GW-Edition 20160823
Microsoft 20160823
eScan 20160823
NANO-Antivirus 20160823
nProtect 20160823
Panda 20160823
Sophos AV 20160823
SUPERAntiSpyware 20160823
Symantec 20160823
Tencent 20160823
TheHacker 20160821
TotalDefense 20160823
TrendMicro 20160823
TrendMicro-HouseCall 20160823
VBA32 20160823
ViRobot 20160823
Yandex 20160823
Zillya 20160820
Zoner 20160823
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Description Total Commander udministrator Tool
Comments Tool used internally by Total Commander, do not start directly!
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-08-24 20:54:59
Entry Point 0x0005C700
Number of sections 4
PE sections
PE imports
GetTokenInformation
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExA
RegCloseKey
GetUserNameW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegOpenKeyW
RegDeleteKeyW
RegQueryValueExW
ImageList_GetImageCount
ImageList_BeginDrag
ImageList_Draw
ImageList_GetIconSize
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_GetIcon
InitCommonControlsEx
ImageList_DragEnter
ImageList_EndDrag
GetTextMetricsW
SetMapMode
GetWindowOrgEx
CreateMetaFileA
GetPaletteEntries
CombineRgn
GetViewportOrgEx
GetObjectType
CreateMetaFileW
GetBoundsRect
SetLayout
SetPixel
EndDoc
SetPixelV
IntersectClipRect
GetTextExtentPointW
CreateEllipticRgn
GetTextFaceW
CreatePalette
CreateDIBitmap
SetTextAlign
StretchBlt
ScaleViewportExtEx
SetWindowExtEx
SetBkColor
GetBkColor
SetRectRgn
GetTextCharsetInfo
TextOutW
GetSystemPaletteEntries
OffsetRgn
CreateRectRgnIndirect
LPtoDP
GetBitmapBits
GetLayout
ExcludeClipRect
OffsetViewportOrgEx
SetBkMode
EnumFontFamiliesW
PtInRegion
BitBlt
FillRgn
FrameRgn
SelectPalette
PtVisible
ExtSelectClipRgn
ScaleWindowExtEx
SetROP2
GetNearestPaletteIndex
SetDIBColorTable
GetTextColor
Escape
DeleteObject
GetWindowExtEx
SetBitmapBits
PatBlt
CreatePen
GetClipBox
Rectangle
GetDeviceCaps
LineTo
DeleteDC
GetMapMode
CreateFontIndirectW
GetObjectW
CreateDCW
CreateBitmapIndirect
RealizePalette
CreateHatchBrush
CreatePatternBrush
ExtTextOutW
SetPaletteEntries
CreateBitmap
RectVisible
GetStockObject
SelectClipRgn
RoundRect
SetWindowOrgEx
SelectObject
GetViewportExtEx
OffsetWindowOrgEx
GetTextExtentPoint32W
CreatePolygonRgn
Polygon
GetRgnBox
SaveDC
RestoreDC
GetPixel
CreateDIBSection
SetTextColor
ExtFloodFill
MoveToEx
EnumFontFamiliesExW
SetViewportOrgEx
CreateRoundRectRgn
CreateCompatibleDC
CreateRectRgn
SetViewportExtEx
SetPolyFillMode
CopyMetaFileW
Ellipse
CreateSolidBrush
Polyline
DPtoLP
AbortDoc
CreateCompatibleBitmap
GetLastError
IsDBCSLeadByte
LoadLibraryA
TerminateThread
lstrlenA
lstrcmpiA
GlobalFree
WaitForSingleObject
GetPrivateProfileIntA
SetEvent
HeapAlloc
CreateDirectoryA
GetVersionExA
GlobalUnlock
GetFileAttributesW
RemoveDirectoryA
GetShortPathNameA
CreateEventA
FreeLibrary
GetStartupInfoA
GetVolumeInformationA
LoadLibraryExA
SizeofResource
GetCurrentDirectoryA
GetPrivateProfileStringA
LocalAlloc
lstrcatA
LockResource
SetFileTime
DeleteFileA
GetWindowsDirectoryA
ExitProcess
_llseek
GetCommandLineA
GlobalLock
GetSystemInfo
GetProcessHeap
GetTempPathA
CreateMutexA
GetModuleHandleA
_lclose
DosDateTimeToFileTime
CreateThread
GetFileAttributesA
SetFilePointer
lstrcmpA
ReadFile
CreateFileA
WriteFile
_lopen
FindFirstFileA
ResetEvent
GetTempFileNameA
lstrcpynA
FindNextFileA
GetSystemDirectoryA
GetDiskFreeSpaceA
GetProcAddress
FreeResource
SetFileAttributesA
GetExitCodeProcess
LocalFree
CreateProcessA
GetModuleFileNameA
GetCurrentProcess
LoadResource
lstrcpyA
GlobalAlloc
LocalFileTimeToFileTime
FindClose
FormatMessageA
GetDriveTypeA
GetTickCount
FindResourceA
VirtualAlloc
SetCurrentDirectoryA
CloseHandle
RedrawWindow
GetMessagePos
SetWindowRgn
UnregisterHotKey
SetMenuItemBitmaps
LoadBitmapW
SetRectEmpty
EnableScrollBar
DestroyMenu
PostQuitMessage
GetForegroundWindow
DrawStateW
SetWindowPos
GetNextDlgTabItem
IsWindow
GrayStringW
EndPaint
WindowFromPoint
CopyRect
DrawIcon
GetMessageTime
SetMenuItemInfoW
SetActiveWindow
GetMenuItemID
GetCursorPos
ReleaseDC
GetDlgCtrlID
SendMessageW
IsDialogMessageW
CharUpperW
UnregisterClassW
GetClientRect
GetMenuItemInfoW
DefWindowProcW
SetMenuDefaultItem
SetScrollPos
CallNextHookEx
IsClipboardFormatAvailable
LoadImageW
GetKeyboardState
ClientToScreen
GetActiveWindow
RegisterHotKey
MapVirtualKeyExW
RegisterClipboardFormatW
DialogBoxIndirectParamW
LockWindowUpdate
GetWindowTextLengthW
LoadAcceleratorsW
ScrollWindow
InvalidateRgn
DrawTextW
CopyImage
TrackMouseEvent
DrawEdge
GetParent
UpdateWindow
GetPropW
EqualRect
SetClassLongW
EnumWindows
GetWindowTextW
GetMessageW
ShowWindow
DrawFrameControl
GetNextDlgGroupItem
SetPropW
GetDesktopWindow
DefMDIChildProcW
PeekMessageW
TranslateMDISysAccel
InsertMenuItemW
SetWindowPlacement
CopyAcceleratorTableW
GetClassInfoW
GetSystemMenu
GetMenuCheckMarkDimensions
TranslateMessage
GetWindow
GetMenuDefaultItem
RegisterClassW
GetIconInfo
SetParent
SetClipboardData
FindWindowExW
IsZoomed
GetWindowPlacement
DestroyWindow
DrawMenuBar
IsCharLowerW
IsIconic
InvertRect
TrackPopupMenuEx
GetSubMenu
SetTimer
ShowOwnedPopups
EnableWindow
EnumThreadWindows
MonitorFromPoint
SetWindowContextHelpId
GetSysColorBrush
RealChildWindowFromPoint
CreateWindowExW
TabbedTextOutW
GetWindowLongW
GetUpdateRect
PtInRect
IsChild
MapWindowPoints
RegisterWindowMessageW
GetMonitorInfoW
OpenInputDesktop
CreateAcceleratorTableW
EmptyClipboard
BeginPaint
OffsetRect
SetFocus
GetScrollPos
CopyIcon
KillTimer
MapVirtualKeyW
GetClipboardData
GetClassInfoExW
ToUnicodeEx
SendDlgItemMessageA
GetSystemMetrics
SetWindowLongW
SetScrollRange
GetWindowRect
InflateRect
SetCapture
ReleaseCapture
EnumChildWindows
GetScrollRange
SendDlgItemMessageW
PostMessageW
GetKeyNameTextW
EndDialog
DrawTextExW
WaitMessage
CreatePopupMenu
CheckMenuItem
DrawFocusRect
GetClassLongW
GetLastActivePopup
DrawIconEx
CharUpperBuffW
SetWindowTextW
CreateMenu
GetDlgItem
RemovePropW
BringWindowToTop
ScreenToClient
TrackPopupMenu
PostThreadMessageW
GetMenuItemCount
DestroyAcceleratorTable
BeginDeferWindowPos
ValidateRect
SetWindowsHookExW
LoadCursorW
LoadIconW
ReuseDDElParam
GetDC
SetForegroundWindow
NotifyWinEvent
OpenClipboard
GetAsyncKeyState
MapDialogRect
IntersectRect
SetLayeredWindowAttributes
GetScrollInfo
HideCaret
GetKeyboardLayout
SendInput
GetCapture
MessageBeep
LoadMenuW
GetWindowThreadProcessId
DeferWindowPos
ShowScrollBar
MessageBoxW
GetMenu
DestroyIcon
RegisterClassExW
SetMenu
MoveWindow
AppendMenuW
GetWindowDC
AdjustWindowRectEx
GetSysColor
SetDlgItemTextW
SetScrollInfo
GetKeyState
EndDeferWindowPos
GetWindowRgn
UpdateLayeredWindow
GetDoubleClickTime
EnableMenuItem
EnumDisplayMonitors
DefFrameProcW
IsWindowVisible
WinHelpW
SubtractRect
UnpackDDElParam
SetCursorPos
SystemParametersInfoW
GetLastInputInfo
UnionRect
DispatchMessageW
FrameRect
SetRect
DeleteMenu
InvalidateRect
CharNextW
CallWindowProcW
GetClassNameW
ModifyMenuW
CloseDesktop
IsRectEmpty
IsMenu
GetFocus
wsprintfW
CloseClipboard
GetDlgItemTextW
SetCursor
UnhookWindowsHookEx
TranslateAcceleratorW
OleLockRunning
CoUninitialize
OleTranslateAccelerator
OleUninitialize
OleDestroyMenuDescriptor
DoDragDrop
StgOpenStorageOnILockBytes
StringFromGUID2
CreateStreamOnHGlobal
OleFlushClipboard
IsAccelerator
CoCreateGuid
RegisterDragDrop
CLSIDFromProgID
RevokeDragDrop
CoRegisterMessageFilter
OleGetClipboard
OleDuplicateData
CLSIDFromString
CreateILockBytesOnHGlobal
CoGetClassObject
CoInitialize
OleInitialize
CoLockObjectExternal
CoTaskMemRealloc
CoCreateInstance
OleRun
CoInitializeEx
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
OleCreateMenuDescriptor
CoRevokeClassObject
CoFreeUnusedLibraries
ReleaseStgMedium
CoDisconnectObject
OleIsCurrentClipboard
CoTaskMemFree
Number of PE resources by type
RT_ICON 4
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
GERMAN SWISS 6
PE resources
ExifTool file metadata
SubsystemVersion 5.0
Comments Tool used internally by Total Commander, do not start directly!
LinkerVersion 9.0
ImageVersion 0.0
FileVersionNumber 1.0.0.5
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet ASCII
InitializedDataSize 112128
EntryPoint 0x5c700
MIMEType application/octet-stream
TimeStamp 2016:08:24 21:54:59+01:00
FileType Win32 EXE
PEType PE32
FileDescription Total Commander udministrator Tool
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Ghisler Software GmbH
CodeSize 375808
FileSubtype 0
ProductVersionNumber 1.0.0.5
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 9b2ea889277d9fca9ccd89fd79c65077
SHA1 f476c97657bc3fcc0a11f995121ee0629f004f42
SHA256 3df14de68a8d4e9a74ebd778aa4bc299bd7e282a89a709b5b427d13662f4593b
ssdeep 12288:zyzsKH5Gp25+hynnuBb/d2nK595w5l595r595Z5r5b595D595r595n595n5R595g:GgcGhcGb/dy6
authentihash cd8fa0fd1fbf06e92c3ddaccf9e368185b097e6992da9883f4162c25427c16fe
imphash 1060f25b8c782cf49fe3b563bae32e7a
File size 477.5 KB ( 488960 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2016-08-23 22:56:03 UTC ( 2 years, 6 months ago )
Last submission 2016-12-08 17:25:57 UTC ( 2 years, 2 months ago )
File names apcwotyp.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications