SHA256: 3fb419b75bba814ed51b84d5dce7be293c93cc2b9f801e2116a72eec504fd490
File name: flash3.exe
Detection ratio: 3 / 54
Analysis date: 2014-08-28 14:08:17 UTC ( 4 years, 6 months ago )
Antivirus Result Update
DrWeb BackDoor.Andromeda.267 20140828
ESET-NOD32 Win32/Spy.Zbot.ACB 20140828
F-Prot W32/Powessere.A.gen!Eldorado 20140828
Ad-Aware 20140827
AegisLab 20140828
Yandex 20140827
AhnLab-V3 20140828
AntiVir 20140828
Antiy-AVL 20140828
Avast 20140828
AVG 20140828
AVware 20140828
Baidu-International 20140828
BitDefender 20140828
Bkav 20140828
ByteHero 20140828
CAT-QuickHeal 20140828
ClamAV 20140826
CMC 20140828
Comodo 20140828
Cyren 20140828
Emsisoft 20140828
F-Secure 20140828
Fortinet 20140828
GData 20140828
Ikarus 20140828
Jiangmin 20140827
K7AntiVirus 20140826
K7GW 20140826
Kaspersky 20140828
Kingsoft 20140828
Malwarebytes 20140828
McAfee 20140828
McAfee-GW-Edition 20140828
Microsoft 20140828
eScan 20140828
NANO-Antivirus 20140828
Norman 20140828
nProtect 20140828
Panda 20140828
Qihoo-360 20140828
Rising 20140828
Sophos AV 20140828
SUPERAntiSpyware 20140828
Symantec 20140828
Tencent 20140828
TheHacker 20140827
TotalDefense 20140828
TrendMicro 20140828
TrendMicro-HouseCall 20140828
VBA32 20140828
VIPRE 20140828
ViRobot 20140828
Zillya 20140828
Zoner 20140826
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-08-28 08:11:47
Entry Point 0x0000385E
Number of sections 4
PE sections
Number of PE resources by type
RT_BITMAP 22
RT_STRING 6
RT_DIALOG 2
RT_FONT 1
Number of PE resources by language
ENGLISH US 22
NEUTRAL 8
ARABIC SYRIA 1
PE resources
File identification
MD5 f81c2a86407179eb7c6637c921997e01
SHA1 e9a0ba76ae861e94738bf52250efbedf819ee3d0
SHA256 3fb419b75bba814ed51b84d5dce7be293c93cc2b9f801e2116a72eec504fd490
ssdeep 6144:+XQddP4+FTexgczIapcDwCfW6Pg3asNa4V0+:+XQdNdczDOwQWioZ7

imphash 2cf92b8092f02b185d5a78a2fa461ce8
File size 319.2 KB ( 326848 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe

VirusTotal metadata
First submission 2014-08-28 14:08:17 UTC ( 4 years, 6 months ago )
Last submission 2014-08-28 14:08:17 UTC ( 4 years, 6 months ago )
File names pSNK1RC.dwg
flash3.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Runtime DLLs