SHA256: 46203ee1f7ef7e1f474ad5719f57cf208b8a4193c0ed07f0a49a72a9708c2627
File name: file.exe
Detection ratio: 33 / 56
Analysis date: 2016-09-03 13:47:24 UTC ( 2 years, 6 months ago )
Antivirus Result Update
Ad-Aware Trojan.RanSerKD.3510176 20160903
AegisLab Uds.Dangerousobject.Multi!c 20160903
AhnLab-V3 Trojan/Win32.Rack.N2096104884 20160903
Antiy-AVL Trojan[Ransom]/Win32.Rack 20160903
Arcabit Trojan.RanSerKD.D358FA0 20160903
Avast Win32:Malware-gen 20160903
AVG Ransom_r.AFE 20160903
Avira (no cloud) TR/Crypt.Xpack.dfk 20160903
Baidu Win32.Trojan.Kryptik.alb 20160903
BitDefender Trojan.RanSerKD.3510176 20160903
Bkav HW32.Packed.2710 20160901
Cyren W32/Cerber.F.gen!Eldorado 20160903
DrWeb Trojan.PWS.Siggen1.56457 20160903
Emsisoft Trojan.RanSerKD.3510176 (B) 20160903
ESET-NOD32 Win32/Filecoder.TorrentLocker.A 20160903
F-Prot W32/Cerber.F.gen!Eldorado 20160903
F-Secure Trojan.RanSerKD.3510176 20160903
GData Trojan.RanSerKD.3510176 20160903
Ikarus Trojan.Win32.Filecoder 20160903
Sophos ML trojan.win32.c2lop.n 20160830
K7GW Trojan ( 004e24c81 ) 20160903
Kaspersky Trojan-Ransom.Win32.Rack.gse 20160903
Malwarebytes Ransom.Cerber 20160903
McAfee Artemis!7DC32A77BCB0 20160903
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.gh 20160903
Microsoft Ransom:Win32/Ranscrape 20160903
eScan Trojan.RanSerKD.3510176 20160903
Rising Malware.Generic!ZX4JYVOY16U@2 (thunder) 20160903
Sophos AV Mal/Generic-S 20160903
Symantec Ransom.Enciphered 20160903
TrendMicro Ransom_CRYPTLOCK.DLFLTA 20160903
TrendMicro-HouseCall Ransom_CRYPTLOCK.DLFLTA 20160903
ViRobot Trojan.Win32.U.CryptoLocker.477184[h] 20160903
Alibaba 20160901
ALYac 20160903
AVware 20160903
CAT-QuickHeal 20160903
ClamAV 20160903
CMC 20160901
Comodo 20160903
Fortinet 20160903
Jiangmin 20160903
K7AntiVirus 20160903
Kingsoft 20160903
NANO-Antivirus 20160903
nProtect 20160903
Panda 20160903
Qihoo-360 20160903
SUPERAntiSpyware 20160902
Tencent 20160903
TheHacker 20160903
VBA32 20160902
VIPRE 20160831
Yandex 20160902
Zillya 20160902
Zoner 20160903
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2004-2012
Product SCSI Pass Through Direct
Original name sptdinst.exe
Internal name sptdinst.exe
File version 1.81.0.0 built by: WinDDK
Description SCSI Pass Through Direct setip
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-09-03 11:52:08
Entry Point 0x00062300
Number of sections 4
PE sections
PE imports
RegQueryValueExA
RegOpenKeyW
DeleteEnhMetaFile
Polygon
SetBkMode
CreatePen
TextOutA
CreateFontIndirectA
GetTextMetricsA
LPtoDP
CombineRgn
GetWindowExtEx
GetPixel
Rectangle
CreateMetaFileW
GetDeviceCaps
DeleteDC
GetMapMode
SelectObject
BitBlt
GetCharWidthA
RealizePalette
AbortPath
GetObjectA
RectVisible
CreateBitmap
CreateFontA
CreatePalette
GetStockObject
ExtTextOutA
PtVisible
SelectClipRgn
CreateCompatibleDC
StretchBlt
CloseEnhMetaFile
CreateRectRgn
CloseFigure
AbortDoc
DeleteObject
GetTextExtentPoint32A
Pie
CancelDC
CreateSolidBrush
DPtoLP
Escape
GetViewportExtEx
GetBkColor
CreateCompatibleBitmap
DeleteMetaFile
AddFontResourceW
GetStdHandle
GetDriveTypeW
ReleaseMutex
CreateFileMappingA
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
HeapDestroy
GetFileAttributesW
GetCommandLineW
GetLocalTime
VirtualAllocEx
DeleteCriticalSection
GetCurrentProcess
GetDiskFreeSpaceExA
OpenFileMappingW
GetLocaleInfoA
LocalAlloc
OpenFileMappingA
SetErrorMode
GetLogicalDrives
GetThreadContext
GetFileTime
GetTempPathA
WideCharToMultiByte
GetTempPathW
GetTimeZoneInformation
GlobalMemoryStatusEx
GetDiskFreeSpaceA
ResumeThread
SetFileAttributesA
GetExitCodeProcess
LocalFree
MoveFileA
GetThreadPriority
SetWaitableTimer
InitializeCriticalSection
LoadResource
GlobalHandle
GetLogicalDriveStringsW
TlsGetValue
QueryDosDeviceW
MoveFileW
SetFileAttributesW
OutputDebugStringA
GetCurrentThread
SetLastError
GetUserDefaultUILanguage
GetSystemTime
DeviceIoControl
GlobalFindAtomW
WriteProcessMemory
OutputDebugStringW
GetModuleFileNameW
TryEnterCriticalSection
Beep
CopyFileA
HeapAlloc
VerLanguageNameW
lstrcpyW
RemoveDirectoryA
QueryPerformanceFrequency
SetProcessWorkingSetSize
GetPriorityClass
LoadLibraryExA
SetThreadPriority
WritePrivateProfileSectionW
GetVolumeInformationW
MultiByteToWideChar
GetPrivateProfileStringW
CreateRemoteThread
CreateMutexA
SetFilePointer
CreateThread
GetSystemDirectoryW
MoveFileExW
GetSystemDefaultUILanguage
CreatePipe
GetExitCodeThread
SetUnhandledExceptionFilter
CreateMutexW
MulDiv
GlobalMemoryStatus
SearchPathW
GlobalAlloc
CreateEventW
SetEndOfFile
GetVersion
HeapFree
EnterCriticalSection
PeekNamedPipe
TerminateThread
LoadLibraryW
DefineDosDeviceW
GetVersionExW
SetEvent
QueryPerformanceCounter
GetTickCount
IsBadWritePtr
VirtualProtect
GetVersionExA
LoadLibraryA
RtlUnwind
FreeLibrary
CopyFileW
GlobalSize
GetStartupInfoA
GetWindowsDirectoryW
GetFileSize
OpenProcess
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
ReadProcessMemory
DeleteFileW
GetProcAddress
GetPrivateProfileIntW
GetProcessHeap
GetTempFileNameW
GetComputerNameW
CompareStringW
WriteFile
GlobalReAlloc
lstrcmpA
lstrcpyA
ResetEvent
GetComputerNameA
TerminateProcess
lstrcmpW
WaitForMultipleObjects
GlobalLock
CreateFileMappingW
LocalSize
CreateFileW
CreateEventA
TlsSetValue
CreateFileA
GetCurrentThreadId
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
CreateWaitableTimerW
GetShortPathNameW
UnmapViewOfFile
GetSystemInfo
lstrlenA
GlobalFree
GetProcessTimes
GetThreadLocale
GlobalUnlock
VirtualQuery
GetModuleFileNameA
WinExec
CreateProcessW
CancelWaitableTimer
SizeofResource
VirtualFreeEx
GetCurrentProcessId
LockResource
ProcessIdToSessionId
lstrlenW
GetCPInfo
GetCommandLineA
CreateSemaphoreW
WritePrivateProfileStringW
SuspendThread
GetSystemDefaultLangID
RaiseException
ReleaseSemaphore
MapViewOfFile
GetModuleHandleA
ReadFile
CloseHandle
lstrcpynA
GetVolumeInformationA
GetModuleHandleW
GetLongPathNameW
CreateProcessA
HeapCreate
OpenEventW
VirtualFree
Sleep
IsBadReadPtr
VirtualAlloc
RedrawWindow
GetMessagePos
SetWindowRgn
ReleaseDC
PostMessageA
DestroyWindow
OffsetRect
DrawEdge
DrawIcon
GetCapture
IsMenu
KillTimer
GetNextDlgGroupItem
DefWindowProcA
ShowWindow
FillRect
DrawFrameControl
LoadBitmapA
GetParent
GetSystemMetrics
IsIconic
SetScrollRange
AppendMenuA
GetWindowRect
InflateRect
EnableWindow
SetCapture
ReleaseCapture
ModifyMenuA
GrayStringA
WindowFromPoint
MessageBoxA
PeekMessageA
SetWindowLongA
TranslateMessage
GetSysColor
SendNotifyMessageA
DrawFocusRect
GetMenuItemID
GetKeyState
GetCursorPos
SystemParametersInfoA
LoadMenuA
SetWindowTextA
DestroyIcon
GetWindowLongA
SetClipboardData
PtInRect
IsWindowVisible
SendMessageA
DrawTextA
GetClientRect
GetClassInfoA
IsWindow
SetScrollPos
FrameRect
SetRect
InvalidateRect
TabbedTextOutA
wsprintfA
SetTimer
LoadCursorA
LoadIconA
GetSystemMenu
GetActiveWindow
ClientToScreen
GetMenuStringA
GetSubMenu
CopyRect
GetMenuState
DispatchMessageA
GetNextDlgTabItem
LoadIconW
EqualRect
GetDC
EmptyClipboard
GetMenuItemCount
CloseClipboard
OpenClipboard
SetCursor
CoUninitialize
CoTaskMemAlloc
CoRevokeClassObject
CoAddRefServerProcess
CoCreateInstanceEx
CoReleaseServerProcess
CoTaskMemFree
Number of PE resources by type
RT_ICON 3
RT_DIALOG 2
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 8
PE resources
ExifTool file metadata
SubsystemVersion 5.0
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 6
FileVersionNumber 1.81.0.0
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 76800
EntryPoint 0x62300
OriginalFileName sptdinst.exe
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2004-2012
FileVersion 1.81.0.0 built by: WinDDK
TimeStamp 2016:09:03 12:52:08+01:00
FileType Win32 EXE
PEType PE32
InternalName sptdinst.exe
ProductVersion 1.81.0.0
FileDescription SCSI Pass Through Direct setip
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Duplex Secure Ltd.
CodeSize 399872
ProductName SCSI Pass Through Direct
ProductVersionNumber 1.81.0.0
FileTypeExtension exe
ObjectFileType Driver

File identification
MD5 7dc32a77bcb0aa3fbd78f91ab5aad3df
SHA1 bd48c327711295ac0ecc9fbedf90d4177c08a76f
SHA256 46203ee1f7ef7e1f474ad5719f57cf208b8a4193c0ed07f0a49a72a9708c2627
ssdeep 12288:eU9TWcpI3U+iLBMLGO1u+5vW/9n1gJ7VUj5qd:Xicm3ciGOfeuU1+
authentihash 20cf3966745d96e845bdf6d9d555b94a6b2f803bd0d8351b966747d5dc5b24be
imphash 466cd57d6d30b7ac3c1d379acba951f4
File size 466.0 KB ( 477184 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2016-09-02 12:56:00 UTC ( 2 years, 6 months ago )
Last submission 2018-01-22 11:18:25 UTC ( 1 year, 2 months ago )
File names 8c971df23546412397f667b2a497acb77d088a5a
46203ee1f7ef7e1f474ad5719f57cf208b8a4193c0ed07f0a49a72a9708c2627.EXE
46203ee1f7ef7e1f474ad5719f57cf208b8a4193c0ed07f0a49a72a9708c2627.bin
anaqovew.exe
file.exe
exapituw.exe
IQYWPRRJ.EXE
egitufub.exe
sptdinst.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications