SHA256: 3f2a2a4cceaacee02950ddeeb9099bb3b850b87d10c1cb56674b466916722890
File name: 5acbc8506bc6532e6930728fbf6b059a
Detection ratio: 36 / 55
Analysis date: 2015-03-16 06:16:34 UTC ( 4 years ago )
Antivirus   Result   Update (date of the engine's signature set used for this scan)
Ad-Aware Gen:Variant.Zusy.122121 20150316
Yandex TrojanSpy.Zbot!JEgsmYU0RcM 20150314
AhnLab-V3 Trojan/Win32.Yakes 20150315
ALYac Gen:Variant.Zusy.122121 20150316
Antiy-AVL Trojan[Spy]/Win32.Zbot 20150316
Avast Win32:Crypt-RQS [Trj] 20150316
AVG Crypt3.BQZV 20150316
Avira (no cloud) TR/Zbot.A.1551 20150316
AVware Trojan.Win32.Generic!BT 20150316
Baidu-International Trojan.Win32.Zbot.uuvs 20150315
BitDefender Gen:Variant.Zusy.122121 20150316
Bkav HW32.Packed.6D6C 20150314
CAT-QuickHeal TrojanSpy.Zbot.r4 20150314
ESET-NOD32 a variant of Win32/Kryptik.CUYC 20150316
F-Secure Gen:Variant.Zusy.122121 20150315
Fortinet W32/Zbot.CUYC!tr 20150316
GData Gen:Variant.Zusy.122121 20150316
Ikarus Trojan.Win32.Crypt 20150316
K7AntiVirus Trojan ( 004b3e701 ) 20150315
K7GW Trojan ( 004b3e701 ) 20150316
Kaspersky Trojan-Spy.Win32.Zbot.uuvs 20150316
Malwarebytes Trojan.Agent.ED 20150316
McAfee RDN/Generic PWS.y!bc3 20150316
McAfee-GW-Edition BehavesLike.Win32.Backdoor.dc 20150315
Microsoft PWS:Win32/Zbot.gen!VM 20150316
eScan Gen:Variant.Zusy.122121 20150316
NANO-Antivirus Trojan.Win32.Zbot.dmodbq 20150315
Norman Kryptik.CEXF 20150315
Panda Trj/Genetic.gen 20150311
Rising PE:Malware.XPACK-HIE/Heur!1.9C48 20150315
Sophos AV Mal/Generic-S 20150316
Symantec Trojan.Gen 20150316
TheHacker Trojan/Kryptik.cuyc 20150316
TrendMicro TROJ_GEN.R021C0DAR15 20150316
TrendMicro-HouseCall TROJ_GEN.R021C0DAR15 20150316
VIPRE Trojan.Win32.Generic!BT 20150316
Not detected (19 engines; only the signature-update date is shown):
AegisLab 20150316
ByteHero 20150316
ClamAV 20150315
CMC 20150313
Comodo 20150316
Cyren 20150316
DrWeb 20150316
F-Prot 20150316
Jiangmin 20150316
Kingsoft 20150316
nProtect 20150313
Qihoo-360 20150316
SUPERAntiSpyware 20150315
Tencent 20150316
TotalDefense 20150315
VBA32 20150315
ViRobot 20150316
Zillya 20150315
Zoner 20150313
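The table above is 55 flattened rows, and the number a practitioner actually wants from it is not "36 / 55" but which family the engines agree on, which verdicts are merely generic, and which misses come from engines whose signature set was already a day or more old on the analysis date. The script below is an added example written for this page, not VirusTotal tooling: it parses a ten-row subset copied from the table (constructed test input), and the family keyword list and the "stale signatures" heuristic are assumptions of the example.

```python
"""Consensus view of the detection table. Added example for this page; not
VirusTotal code. The rows below are a subset copied from the report; the
family keyword list and the stale-signature heuristic are assumptions."""
import re
from collections import Counter

# Ten rows copied from the detection table above (constructed test input):
# detected engines carry a verdict, undetected engines only an update date.
REPORT_LINES = """\
Ad-Aware Gen:Variant.Zusy.122121 20150316
Avira (no cloud) TR/Zbot.A.1551 20150316
AhnLab-V3 Trojan/Win32.Yakes 20150315
ESET-NOD32 a variant of Win32/Kryptik.CUYC 20150316
Kaspersky Trojan-Spy.Win32.Zbot.uuvs 20150316
Microsoft PWS:Win32/Zbot.gen!VM 20150316
Symantec Trojan.Gen 20150316
K7AntiVirus Trojan ( 004b3e701 ) 20150315
ClamAV 20150315
DrWeb 20150316
"""

ANALYSIS_DATE = "20150316"  # "Analysis date" from the report header

# Assumed family keywords (hand-picked for this example). Generic tokens such
# as "trojan", "gen" or "generic" are deliberately left out.
FAMILY_TOKENS = frozenset({"zbot", "zusy", "kryptik", "yakes"})

# Vendor names are single tokens except "Avira (no cloud)"; the optional
# middle group is the verdict, which undetected engines lack.
ROW_RE = re.compile(
    r"^(?P<vendor>Avira \(no cloud\)|\S+)\s+(?:(?P<result>.+?)\s+)?(?P<date>\d{8})$"
)


def parse_rows(text):
    """Return (vendor, verdict-or-None, yyyymmdd) tuples; reject malformed rows."""
    rows = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = ROW_RE.match(line)
        if m is None:
            raise ValueError(f"unparseable row: {line!r}")
        rows.append((m["vendor"], m["result"], m["date"]))
    return rows


def detection_ratio(rows):
    """(detected, total): the figure the report prints as '36 / 55'."""
    return sum(1 for _, result, _ in rows if result), len(rows)


def families_in(result):
    """Known family names mentioned anywhere in one verdict string."""
    return {tok for tok in re.findall(r"[a-z]+", result.lower()) if tok in FAMILY_TOKENS}


def family_votes(rows):
    """How many engines name each family; one vote per engine per family."""
    votes = Counter()
    for _, result, _ in rows:
        if result:
            votes.update(families_in(result))
    return votes


def generic_only(rows):
    """Detected engines whose verdict names no known family (weak evidence)."""
    return [vendor for vendor, result, _ in rows if result and not families_in(result)]


def stale_engines(rows, analysis_date=ANALYSIS_DATE):
    """Engines whose signature set predates the analysis date: a miss from
    one of these says less than a miss from an up-to-date engine."""
    return [vendor for vendor, _, date in rows if date < analysis_date]


def summarize(text=REPORT_LINES):
    rows = parse_rows(text)
    detected, total = detection_ratio(rows)
    votes = family_votes(rows)
    return {
        "ratio": f"{detected} / {total}",
        "top_family": votes.most_common(1)[0][0] if votes else None,
        "votes": dict(votes),
        "generic_only": generic_only(rows),
        "stale": stale_engines(rows),
    }


if __name__ == "__main__":
    print(summarize())
```

On the subset, Zbot wins the vote (Avira, Kaspersky, Microsoft), Zusy/Kryptik/Yakes are single-engine names, Symantec and K7 contribute only generic verdicts, and ClamAV's silence comes from a signature set dated the day before the scan. Run against all 55 rows the same logic reproduces the 36 / 55 ratio.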
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Engine Copyright © 2004-2013 Indigo Rose Corporation

Product Factory Runtime
Original name suf_launch.exe
Internal name suf_launch
File version 9.1.1.0
Description Application
Comments Created with Factory
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-01-09 10:49:47
Entry Point 0x00021606
Number of sections 4
PE sections
PE imports
capCreateCaptureWindowW
LineTo
CreateFontIndirectW
SetBkMode
MoveToEx
CreatePen
SelectObject
BitBlt
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
SetTextColor
GetSystemTime
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetSystemTimeAsFileTime
EnterCriticalSection
LCMapStringW
SetHandleCount
LoadLibraryW
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
HeapAlloc
TlsAlloc
GetEnvironmentStringsW
LoadLibraryA
RtlUnwind
GetModuleFileNameA
GetStdHandle
HeapSetInformation
GetCurrentProcess
DecodePointer
GetCurrentProcessId
lstrcatA
CreateDirectoryA
WideCharToMultiByte
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
EncodePointer
GetStartupInfoW
ExitProcess
GetCPInfo
GetModuleFileNameW
TlsFree
DeleteCriticalSection
SetUnhandledExceptionFilter
WriteFile
IsProcessorFeaturePresent
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
TerminateProcess
IsValidCodePage
HeapCreate
TlsGetValue
Sleep
GetFileType
TlsSetValue
CreateFileA
GetTickCount
GetCurrentThreadId
InterlockedIncrement
SetLastError
LeaveCriticalSection
WNetConnectionDialog
SHGetFolderPathA
StrDupA
ReleaseDC
GetSystemMetrics
EnumDesktopsA
DlgDirListA
EnableWindow
EndDialog
SetDlgItemTextA
IsDlgButtonChecked
GetWindowTextW
GetDlgItemTextA
SetDlgItemInt
MessageBoxA
DestroyMenu
DrawTextW
GetDlgItem
GetSysColor
GetDC
OpenThemeData
CloseThemeData
GetThemeSysFont
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoInitialize
Number of PE resources by type
RT_STRING 8
RT_ICON 6
RT_DIALOG 5
RT_BITMAP 3
RT_MENU 2
RT_GROUP_ICON 2
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 28
PE resources
ExifTool file metadata
LegalTrademarks
Factory is a trademark of Indigo Rose Corporation.

SubsystemVersion
5.1

Comments
Created with Factory

InitializedDataSize
61440

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
9.1.1.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Application

CharacterSet
Unicode

LinkerVersion
10.0

FileOS
Windows NT 32-bit

MIMEType
application/octet-stream

LegalCopyright
Engine Copyright 2004-2013 Indigo Rose Corporation

FileVersion
9.1.1.0

TimeStamp
2015:01:09 11:49:47+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
suf_launch

ProductVersion
9.1.1.0

UninitializedDataSize
0

OSVersion
5.1

OriginalFilename
suf_launch.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
232448

ProductName
Factory Runtime

ProductVersionNumber
9.1.1.0

EntryPoint
0x21606

ObjectFileType
Executable application

File identification
MD5 5acbc8506bc6532e6930728fbf6b059a
SHA1 f130c5224d88f8df200bd4d55b3bddd943050ef2
SHA256 3f2a2a4cceaacee02950ddeeb9099bb3b850b87d10c1cb56674b466916722890
ssdeep
6144:sl4PvtTtwqifFAUr3cjQ5aWiTAC7P01W8djPIvxQ1Hm7px:sWPFTtwq/aAQ8LACD01W8VPIpQmx

authentihash 8ecb897fd90cc3b20d68f02a3909adc6e4c7407bb69ec0bed48dbc5f16033724
imphash 747f853c6de1ba4953340f0afe4a6da0
File size 288.0 KB ( 294912 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe
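The "PE header basic information", ExifTool and "File identification" sections above are all derived from a handful of fixed-offset header fields plus three digests. The script below is an added example written for this page, not VirusTotal's code, that reads those fields from a PE32 image with the standard library only and checks a local copy's hashes against the report. The real sample is not on the page, so build_sample_header() fabricates a DOS stub, COFF header and PE32 optional header populated with the report's own values (machine, four sections, the 2015-01-09 10:49:47 UTC timestamp, entry point 0x21606, linker 10.0, OS version 5.1, GUI subsystem, code and data sizes); its hashes will of course not match the report's.

```python
"""Added example for this page (not VirusTotal's code): recover the
"PE header basic information" and "File identification" fields from a PE32
image using only the standard library. build_sample_header() fabricates a
header carrying the report's values because the real sample is not here."""
import hashlib
import struct
from datetime import datetime, timezone

IMAGE_FILE_MACHINE_I386 = 0x14C
PE32_MAGIC = 0x10B
SUBSYSTEM_NAMES = {2: "Windows GUI", 3: "Windows CUI"}

# Digests copied from the "File identification" section above.
REPORT_HASHES = {
    "md5": "5acbc8506bc6532e6930728fbf6b059a",
    "sha1": "f130c5224d88f8df200bd4d55b3bddd943050ef2",
    "sha256": "3f2a2a4cceaacee02950ddeeb9099bb3b850b87d10c1cb56674b466916722890",
}


def parse_pe(data):
    """Read the COFF and PE32 optional-header fields the report prints."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, timestamp = struct.unpack_from("<HHI", data, coff)
    opt = coff + 20                                   # COFF header is 20 bytes
    magic, linker_major, linker_minor = struct.unpack_from("<HBB", data, opt)
    if magic != PE32_MAGIC:
        raise ValueError(f"not a PE32 optional header (magic {magic:#x})")
    code, init, uninit, entry = struct.unpack_from("<IIII", data, opt + 4)
    os_major, os_minor = struct.unpack_from("<HH", data, opt + 40)
    subsystem = struct.unpack_from("<H", data, opt + 68)[0]
    return {
        "machine": machine,
        "is_i386": machine == IMAGE_FILE_MACHINE_I386,
        "sections": nsections,
        "compiled_utc": datetime.fromtimestamp(timestamp, tz=timezone.utc)
                                .strftime("%Y-%m-%d %H:%M:%S"),
        "entry_point": f"0x{entry:08x}",
        "linker": f"{linker_major}.{linker_minor}",
        "os_version": f"{os_major}.{os_minor}",
        "subsystem": SUBSYSTEM_NAMES.get(subsystem, f"unknown ({subsystem})"),
        "code_size": code,
        "init_data_size": init,
        "uninit_data_size": uninit,
    }


def file_hashes(data):
    """MD5, SHA-1 and SHA-256 of the bytes, keyed like REPORT_HASHES."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in REPORT_HASHES}


def hash_mismatches(data, expected=REPORT_HASHES):
    """Algorithms whose digest of `data` differs from the report; an empty
    list means the bytes on disk are the bytes VirusTotal analysed."""
    got = file_hashes(data)
    return sorted(algo for algo, digest in expected.items() if got[algo] != digest)


def build_sample_header():
    """Synthetic DOS stub + COFF + PE32 optional header populated with the
    report's values (constructed test input; no section table, no code)."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                      # e_lfanew
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_I386, 4,
                       1420800587,                             # 2015-01-09 10:49:47 UTC
                       0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<HBB", opt, 0, PE32_MAGIC, 10, 0)        # linker 10.0
    struct.pack_into("<IIII", opt, 4, 232448, 61440, 0, 0x21606)
    struct.pack_into("<HH", opt, 40, 5, 1)                     # OS version 5.1
    struct.pack_into("<HH", opt, 48, 5, 1)                     # subsystem version 5.1
    struct.pack_into("<H", opt, 68, 2)                         # IMAGE_SUBSYSTEM_WINDOWS_GUI
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    sample = build_sample_header()
    print(parse_pe(sample))
    print("hash mismatches vs report:", hash_mismatches(sample))
```

Two things worth noting when using this on a real copy. The ExifTool "TimeStamp 2015:01:09 11:49:47+01:00" and the "Compilation timestamp 2015-01-09 10:49:47" are the same 32-bit TimeDateStamp rendered in different zones, which is why the parser always formats it as UTC. And a non-empty hash_mismatches() result means you are not holding the file this report describes, so none of the verdicts above apply to it.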

VirusTotal metadata
First submission 2015-03-16 06:16:34 UTC ( 4 years ago )
Last submission 2015-03-16 06:16:34 UTC ( 4 years ago )
File names suf_launch.exe
3f2a2a4cceaacee02950ddeeb9099bb3b850b87d10c1cb56674b466916722890.exe
suf_launch
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Copied files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Searched windows
Opened service managers
Opened services
Runtime DLLs
Additional details
The file sends control codes directly to device drivers through the DeviceIoControl Windows API. DeviceIoControl does not appear in the static import table listed above; since LoadLibraryA/LoadLibraryW and GetProcAddress are imported, the call was either resolved at run time or issued by a process the sample launched or injected into, both of which the condensed report attributes to the file.
UDP communications