× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 4332a388ba2b9c094011e2553906716231d3733c39309556df27cbee7ca73898
File name: file-4593083_
Detection ratio: 34 / 43
Analysis date: 2012-10-04 22:44:13 UTC ( 1 year, 6 months ago )
Antivirus Result Update
AVG Agent_r.BNH 20121004
AhnLab-V3 Trojan/Win32.PornoAsset 20121004
AntiVir TR/Ransom.Blocker.xma 20121004
Avast Win32:Ransom-RO [Trj] 20121004
BitDefender Trojan.Generic.KDV.733264 20121004
CAT-QuickHeal TrojanRansom.PornoAsset.xma 20121004
Commtouch W32/Falab.F16.gen!Eldorado 20121004
Comodo UnclassifiedMalware 20121004
DrWeb Trojan.DownLoader6.29607 20121004
ESET-NOD32 a variant of Win32/Kryptik.ALXA 20121004
F-Prot W32/Falab.F16.gen!Eldorado 20121004
F-Secure Trojan.Generic.KDV.733264 20121003
Fortinet W32/Kryptik.AB!tr 20121004
GData Trojan.Generic.KDV.733264 20121004
Ikarus Virus.Win32.Vundo 20121004
Jiangmin Trojan/PornoAsset.ens 20121003
K7AntiVirus Trojan 20121004
Kaspersky Trojan-Ransom.Win32.PornoAsset.xma 20121004
Kingsoft Win32.Troj.Undef.(kcloud) 20120925
McAfee Artemis!1946D4508691 20121004
McAfee-GW-Edition Artemis!1946D4508691 20121004
Microsoft TrojanDownloader:Win32/Karagany.L 20121004
Norman W32/Troj_Generic.EDGCE 20121003
PCTools Trojan.Zbot 20121004
Panda Trj/OCJ.A 20121004
Sophos Mal/Katusha-L 20121004
Symantec Trojan.Zbot!gen35 20121003
TrendMicro TROJ_RANSOM.CUQ 20121004
TrendMicro-HouseCall TROJ_RANSOM.CUQ 20121004
VBA32 Hoax.PornoAsset.xma 20121004
VIPRE Trojan.Win32.Generic!BT 20121004
ViRobot Trojan.Win32.A.PornoAsset.52736.J 20121004
eSafe Win32.Trojan 20121002
nProtect Trojan.Generic.KDV.733264 20121004
Agnitum 20121004
Antiy-AVL 20121004
ByteHero 20120918
ClamAV 20121004
Emsisoft 20120919
Rising 20120928
SUPERAntiSpyware 20120911
TheHacker 20121004
TotalDefense 20121004
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-05-31 13:41:20
Entry Point 0x0000193E
Number of sections 12
PE sections
PE imports
lstrlenW
Ord(29)
CharUpperA
PE exports
Number of PE resources by type
RT_DIALOG 2
Number of PE resources by language
ENGLISH US 2
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2011:05:31 15:41:20+02:00

FileType
Win32 EXE

PEType
PE32

CodeSize
746496

LinkerVersion
10.0

EntryPoint
0x193e

InitializedDataSize
26112

SubsystemVersion
5.1

ImageVersion
0.0

OSVersion
5.1

UninitializedDataSize
0

File identification
MD5 1946d4508691a113651a4ef202ba15fe
SHA1 f3d5cc52e69711b3414f6cdc9eafc74848870ab7
SHA256 4332a388ba2b9c094011e2553906716231d3733c39309556df27cbee7ca73898
ssdeep
1536:BJplkywSx3Ws8DB3PHboaXA5azUVLW6G:LplNwS8B/MDVL9G

File size 51.5 KB ( 52736 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (65.4%)
Generic Win/DOS Executable (17.2%)
DOS Executable Generic (17.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe

VirusTotal metadata
First submission 2012-09-18 20:17:11 UTC ( 1 year, 7 months ago )
Last submission 2012-10-04 22:44:13 UTC ( 1 year, 6 months ago )
File names file-4593083_
wgsdgsdgdsgsd.exe
1946d4508691a113651a4ef202ba15fe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!