SHA256: 460072e26182a1288e7cfdc920afae8d99f965860c5343aada2d6b5c450d23a4
File name: 006881062
Detection ratio: 58 / 62
Analysis date: 2017-05-06 16:00:00 UTC ( 2 years ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.1140075 20170506
AegisLab Backdoor.W32.Androm.agdh!c 20170506
AhnLab-V3 Trojan/Win32.PornoAsset.C177211 20170506
ALYac Trojan.GenericKD.1140075 20170506
Antiy-AVL Trojan[Backdoor]/Win32.Androm 20170506
Arcabit Trojan.Generic.D11656B 20170506
Avast Win32:Downloader-TZI [Trj] 20170506
AVG Win32/Cryptor 20170506
Avira (no cloud) TR/Dropper.Gen 20170506
AVware Trojan.Win32.Generic!BT 20170506
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9926 20170503
BitDefender Trojan.GenericKD.1140075 20170506
Bkav W32.AndromLoktrom.Trojan 20170506
CAT-QuickHeal Trojan.Lethic.B5 20170506
ClamAV Win.Trojan.Agent-1308570 20170506
Comodo TrojWare.Win32.Spy.Zbot.NTJY 20170506
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20170130
Cyren W32/Androm.WGUG-4249 20170506
DrWeb BackDoor.IRC.NgrBot.146 20170506
Emsisoft Trojan.GenericKD.1140075 (B) 20170506
Endgame malicious (high confidence) 20170503
ESET-NOD32 Win32/Dorkbot.B 20170506
F-Prot W32/Androm.AD 20170506
F-Secure Trojan.GenericKD.1140075 20170506
Fortinet W32/Androm.AGDH!tr 20170506
GData Win32.Trojan.Agent.4RCRGD 20170506
Ikarus Trojan.Win32.Loktrom 20170506
Sophos ML generic.a 20170413
Jiangmin Backdoor/Androm.aee 20170506
K7AntiVirus Riskware ( 0040eff71 ) 20170506
K7GW Riskware ( 0040eff71 ) 20170506
Kaspersky Backdoor.Win32.Androm.agdh 20170506
Malwarebytes Trojan.Agent.ED 20170506
McAfee Ainslot.b 20170506
McAfee-GW-Edition Ainslot.b 20170506
Microsoft Worm:Win32/Dorkbot.I 20170506
eScan Trojan.GenericKD.1140075 20170506
NANO-Antivirus Trojan.Win32.NgrBot.ccjwgy 20170506
Palo Alto Networks (Known Signatures) generic.ml 20170506
Panda Trj/Agent.IVN 20170506
Qihoo-360 Win32/Backdoor.a1e 20170506
Rising Trojan.Generic (cloud:rJghfItTw1O) 20170506
SentinelOne (Static ML) static engine - malicious 20170330
Sophos AV Mal/EncPk-AKA 20170506
SUPERAntiSpyware Trojan.Agent/Gen-Loktrom 20170506
Symantec Backdoor.Matsnu.B 20170505
Tencent Win32.Backdoor.Androm.Huqa 20170506
TotalDefense Win32/Tnega.ASRZ 20170506
TrendMicro WORM_ANDROM.ITW 20170506
TrendMicro-HouseCall WORM_ANDROM.ITW 20170506
VBA32 Backdoor.Androm 20170506
VIPRE Trojan.Win32.Generic!BT 20170506
ViRobot Trojan.Win32.Z.Androm.122880.W[h] 20170506
Webroot Trojan.Dropper.Gen 20170506
Yandex Backdoor.Androm!YS6k/ywPusQ 20170504
Zillya Backdoor.Androm.Win32.2020 20170505
ZoneAlarm by Check Point Backdoor.Win32.Androm.agdh 20170506
Zoner I-Worm.Dorkbot.B 20170506
Alibaba 20170505
CMC 20170505
Kingsoft 20170506
nProtect 20170506
Symantec Mobile Insight 20170504
TheHacker 20170505
Trustlook 20170506
WhiteArmor 20170502
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Launcher created by seba
Product RapidSVN Portable
Original name RapidSVNPortable.exe
File version 0.1.0.0
Description RapidSVN Portable
Comments Allow RapidSVN to be run from a removeable drive. This launcher is based on the Portable Application Template created by Klonk (Karl Loncarek).
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-07-27 00:07:11
Entry Point 0x00001D00
Number of sections 5
PE sections
PE imports
AccessCheckByType
ClusterResourceTypeCloseEnum
ClusterEnum
DeleteClusterGroup
SetClusterNetworkPriorityOrder
ClusterCloseEnum
AddClusterResourceNode
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetConsoleMode
GetModuleFileNameW
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
HeapAlloc
TlsAlloc
GetEnvironmentStringsW
GetModuleFileNameA
RtlUnwind
HeapSetInformation
GetCurrentProcess
GetConsoleMode
GetStringTypeW
GetCurrentProcessId
SetHandleCount
HeapQueryInformation
GetCPInfo
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetStartupInfoW
GetTickCount
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
HeapSize
ExitProcess
WideCharToMultiByte
LoadLibraryW
TlsFree
GetSystemTimeAsFileTime
DeleteCriticalSection
SetUnhandledExceptionFilter
WriteFile
CloseHandle
IsProcessorFeaturePresent
GetACP
HeapReAlloc
DecodePointer
GetModuleHandleW
TerminateProcess
IsValidCodePage
HeapCreate
CreateFileW
TlsGetValue
Sleep
GetFileType
ReadConsoleW
TlsSetValue
EncodePointer
GetCurrentThreadId
InterlockedIncrement
SetLastError
LeaveCriticalSection
Number of PE resources by type
RT_FONT 1
RT_VERSION 1
Number of PE resources by language
SPANISH PUERTO RICO 2
PE resources
ExifTool file metadata
SubsystemVersion 5.0
Comments Allow RapidSVN to be run from a removeable drive. This launcher is based on the Portable Application Template created by Klonk (Karl Loncarek).
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 0.1.0.0
LanguageCode English (U.S.)
FileFlagsMask 0x0000
FileDescription RapidSVN Portable
CharacterSet ASCII
InitializedDataSize 97280
EntryPoint 0x1d00
OriginalFileName RapidSVNPortable.exe
MIMEType application/octet-stream
LegalCopyright Launcher created by seba
FileVersion 0.1.0.0
TimeStamp 2013:07:27 01:07:11+01:00
FileType Win32 EXE
PEType PE32
UninitializedDataSize 0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName by seba
CodeSize 24576
ProductName RapidSVN Portable
ProductVersionNumber 0.1.0.0
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 2da8d6c76f624970c3db4dd0967fbd23
SHA1 df339482c207dfc4a420241bd094130e9be3f691
SHA256 460072e26182a1288e7cfdc920afae8d99f965860c5343aada2d6b5c450d23a4
ssdeep 3072:1DIpPASf7UlQ33gUJMP0+y+wPaxMXX17nmKE/:+RASZ3wUJCWPUMHBnFE
authentihash cb63eb7f1af7f0e947f3b7f180e9da041181f253a9b95dc5a1e9202d79a7bdfb
imphash e3ae41045cbef66bad79737b58dbe5a4
File size 120.0 KB ( 122880 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (64.5%)
Win32 Dynamic Link Library (generic) (13.6%)
Win32 Executable (generic) (9.3%)
OS/2 Executable (generic) (4.1%)
Generic Win/DOS Executable (4.1%)
Tags peexe usb-autorun
VirusTotal metadata
First submission 2013-07-27 01:03:39 UTC ( 5 years, 10 months ago )
Last submission 2017-12-06 17:47:54 UTC ( 1 year, 5 months ago )
File names WL-79fb660b016ec5472fec1a4f78715764-0
vt-upload-OPCDl
malekal_2da8d6c76f624970c3db4dd0967fbd23
vt-upload-Tady2
vt-upload-fFGoG
vt-upload-kYYQs
vt-upload-vJFqc
bc4.exe
2da8d6c76f624970c3db4dd0967fbd23
file-5785685_malware
vt-upload-ya58d
6518.exe
vt-upload-tyPfo
df339482c207dfc4a420241bd094130e9be3f691
vt-upload-tFt_f
RapidSVNPortable.exe
006881062
3f21.exe
2da8d6c76f624970c3db4dd0967fbd23
Advanced heuristic and reputation engines
Behaviour characterization
Zemana dll-injection