× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 43c4d8f6942c51587508802dc4a3336de1ae902abb8380a7aeb9b8945ee65c7b
File name: 69.exe
Detection ratio: 2 / 55
Analysis date: 2016-03-14 15:32:57 UTC ( 1 year, 7 months ago ) View latest
Antivirus Result Update
Kaspersky UDS:DangerousObject.Multi.Generic 20160314
Qihoo-360 HEUR/QVM07.1.Malware.Gen 20160314
Ad-Aware 20160314
AegisLab 20160314
Yandex 20160313
AhnLab-V3 20160314
Alibaba 20160314
ALYac 20160314
Antiy-AVL 20160314
Arcabit 20160314
Avast 20160314
AVG 20160314
AVware 20160314
Baidu 20160314
Baidu-International 20160314
BitDefender 20160314
Bkav 20160312
ByteHero 20160314
CAT-QuickHeal 20160314
ClamAV 20160311
CMC 20160314
Comodo 20160314
Cyren 20160314
DrWeb 20160314
Emsisoft 20160314
ESET-NOD32 20160314
F-Prot 20160314
F-Secure 20160314
Fortinet 20160314
GData 20160314
Ikarus 20160314
Jiangmin 20160314
K7AntiVirus 20160314
K7GW 20160314
Malwarebytes 20160314
McAfee 20160314
McAfee-GW-Edition 20160314
Microsoft 20160314
eScan 20160314
NANO-Antivirus 20160314
nProtect 20160311
Panda 20160313
Rising 20160314
Sophos AV 20160314
SUPERAntiSpyware 20160314
Symantec 20160310
Tencent 20160314
TheHacker 20160313
TrendMicro 20160314
TrendMicro-HouseCall 20160314
VBA32 20160314
VIPRE 20160314
ViRobot 20160314
Zillya 20160314
Zoner 20160314
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2008-02-22 21:32:45
Entry Point 0x00028DD2
Number of sections 4
PE sections
Overlays
MD5 9220af152e055721f27032db470a1f08
File type data
Offset 282624
Size 138175
Entropy 5.85
PE imports
GetBrushOrgEx
CreateICA
GetSystemPaletteEntries
CreateFontA
GetRgnBox
GetStockObject
ResizePalette
GetObjectW
SetStretchBltMode
SetTextAlign
GetExpandedNameW
__p__fmode
_wcsset
_mbsspn
_CIasin
_jn
acos
_adjust_fdiv
qsort
sin
_lrotl
_j0
__getmainargs
_initterm
__setusermatherr
_y0
__p__commode
__set_app_type
Number of PE resources by type
RT_GROUP_ICON 2
RT_VERSION 1
Number of PE resources by language
ENGLISH UK 3
PE resources
ExifTool file metadata
CodeSize
167936

FileDescription
Differentiators Compunction Chicanery

InitializedDataSize
626688

ImageVersion
0.0

ProductName
Buggers Converged

FileVersionNumber
0.31.238.133

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
6.0

FileTypeExtension
exe

OriginalFileName
Awardl.EXE

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
0.254.28.21

TimeStamp
2008:02:22 22:32:45+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Dovetail

SubsystemVersion
4.0

ProductVersion
0.250.114.10

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright (C) 2016

MachineType
Intel 386 or later, and compatibles

CompanyName
Safer Networking Limited

LegalTrademarks
Arkansas

FileSubtype
0

ProductVersionNumber
0.76.142.219

EntryPoint
0x28dd2

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 56815047f7f330dcb598899915d6606e
SHA1 8f20faecf7448606c2601bc03f94a6ed4d7c960b
SHA256 43c4d8f6942c51587508802dc4a3336de1ae902abb8380a7aeb9b8945ee65c7b
ssdeep
6144:HdFp3ZaT7g65ZcaYuFXj2kgjC7vF9+Pki6vDwEmJfuieLI4h7iNnbDLHly:jp3E46Xsg2HjuIsi6UlWXEqOnbvH8

authentihash fde6bcff8471e3b93ee041b119aed9e2cebbefa1311f1f528093513f27636e8b
imphash 3e21e71cf3cd6cfaa08cf2ba2d304239
File size 410.9 KB ( 420799 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags
peexe overlay

VirusTotal metadata
First submission 2016-03-14 14:59:52 UTC ( 1 year, 7 months ago )
Last submission 2017-08-07 20:44:14 UTC ( 2 months, 2 weeks ago )
File names a.exe
69.exe
YeZpI4GGv.xlt
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!