× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 44857c45faa965aae0930aac8c12e2434e92f78802b007f8f6c4dc4e37e49272
File name: a90d64ce4039acc02c9fce387f11a93428268ebd_391-direct.ex
Detection ratio: 48 / 54
Analysis date: 2014-10-27 14:38:42 UTC ( 3 years, 7 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.TDss.16 20141027
Yandex Trojan.Tdss!fZQ50f1F/FU 20141027
AhnLab-V3 Win-Trojan/Fakeav.414720 20141027
Avast Win32:Jifas-FZ [Trj] 20141027
AVG Generic18.IIN 20141027
Avira (no cloud) TR/Crypt.XPACK.Gen2 20141027
AVware Packed.Win32.Tdss.q (v) 20141027
Baidu-International Trojan.Win32.Tdss.Ae 20141027
BitDefender Gen:Variant.TDss.16 20141027
Bkav W32.Clod3e6.Trojan.4d7d 20141027
CAT-QuickHeal FraudTool.FakeCog 20141027
ClamAV Trojan.TDSS-3790 20141027
Comodo TrojWare.Win32.MalPack.~ULX 20141027
Cyren W32/TDSS.G.gen!Eldorado 20141027
DrWeb BackDoor.Tdss.2824 20141027
Emsisoft Gen:Variant.TDss.16 (B) 20141027
ESET-NOD32 Win32/Olmarik.YA 20141027
F-Prot W32/TDSS.G.gen!Eldorado 20141027
F-Secure Packed:W32/TDSS.GJ 20141027
Fortinet W32/PackTDss.K!tr 20141027
GData Gen:Variant.TDss.16 20141027
Ikarus Trojan.Win32.Tdss 20141027
Jiangmin Trojan/TDSS.ohx 20141026
K7AntiVirus Trojan ( 0017c0b91 ) 20141027
K7GW Trojan ( 0017c0b91 ) 20141027
Kaspersky Trojan.Win32.TDSS.beea 20141027
Kingsoft Win32.Troj.Tdss.(kcloud) 20141027
Malwarebytes Trojan.Agent.Gen 20141027
McAfee DNSChanger.bu 20141027
McAfee-GW-Edition DNSChanger.bu 20141027
Microsoft Trojan:Win32/Alureon.gen!J 20141027
eScan Gen:Variant.TDss.16 20141025
NANO-Antivirus Trojan.Win32.Tdss.bqlyg 20141027
Norman Tdss.FQV 20141027
nProtect Trojan/W32.TDSS.108032.T 20141027
Qihoo-360 Win32/Trojan.fa7 20141027
Rising PE:Trojan.Win32.Generic.1336006A!322306154 20141026
Sophos AV Mal/TDSSPack-Q 20141027
SUPERAntiSpyware Trojan.Agent/Gen-Krpytik 20141027
Symantec Trojan.FakeAV!gen31 20141027
Tencent Win32.Trojan.Tdss.Edyc 20141027
TheHacker Trojan/Tdss.bfvw 20141022
TotalDefense Win32/TDSS.C!generic 20141027
TrendMicro TROJ_FAKEAV.SMEY 20141027
TrendMicro-HouseCall TROJ_FAKEAV.SMEY 20141027
VBA32 Trojan.TDSS.01414 20141027
VIPRE Packed.Win32.Tdss.q (v) 20141027
Zillya Trojan.Tdss.Win32.6071 20141027
AegisLab 20141027
Antiy-AVL 20141027
ByteHero 20141027
CMC 20141027
ViRobot 20141027
Zoner 20141024
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-06-10 11:01:07
Entry Point 0x00001004
Number of sections 10
PE sections
PE imports
GetStartupInfoA
GetTempPathA
FatalExit
CloseHandle
VirtualProtect
GetCommandLineA
GetNextDlgTabItem
GetWindowRgnBox
PE exports
Number of PE resources by type
RT_MESSAGETABLE 2
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2010:06:10 12:01:07+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
12288

LinkerVersion
9.0

FileAccessDate
2014:10:27 15:38:48+01:00

EntryPoint
0x1004

InitializedDataSize
217088

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

FileCreateDate
2014:10:27 15:38:48+01:00

UninitializedDataSize
0

File identification
MD5 8aceb3cac48ac1cc61d2b79eb88d1c70
SHA1 a90d64ce4039acc02c9fce387f11a93428268ebd
SHA256 44857c45faa965aae0930aac8c12e2434e92f78802b007f8f6c4dc4e37e49272
ssdeep
3072:LZoBSIPGEt2bJ+atGBNghUn8vxDrNtI0/9RCV:loRrIbJJqNghUn85Dh

authentihash deeb49f0210be2852ce9fe974660da78b016ba6b2e01cdab98371c36b927f355
imphash e76083c718c908b6694472f27c71a55f
File size 105.5 KB ( 108032 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.3%)
Win32 Executable (generic) (26.2%)
Clipper DOS Executable (11.7%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
corrupt peexe

VirusTotal metadata
First submission 2010-06-10 22:28:07 UTC ( 7 years, 11 months ago )
Last submission 2014-10-27 14:38:42 UTC ( 3 years, 7 months ago )
File names smona130674178721068906794
e3zr.tiff
If295xQOlx.msc
aa
a90d64ce4039acc02c9fce387f11a93428268ebd_391-direct.ex
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!