SHA256: 465e6358d18905d0c1c36ee193886fc595538e1721ffda56b67c247dab038ba7
Detection ratio: 43 / 46
Analysis date: 2013-04-05 12:15:44 UTC ( 5 years, 10 months ago )
Antivirus Result Update
Yandex Trojan.DL.Injecter!TDnvsWSf7bg 20130404
AhnLab-V3 Win-Trojan/Lethic.40448.E 20130404
AntiVir TR/Crypt.XPACK.Gen 20130405
Antiy-AVL Trojan/Win32.Injecter.gen 20130405
Avast Win32:Crypt-MEQ [Trj] 20130405
AVG Generic27.AOLA 20130405
BitDefender Worm.Generic.373584 20130405
CAT-QuickHeal Trojan.Lethic.B 20130405
ClamAV W32.Worm.Ngrbot-1 20130405
Commtouch W32/AutoRun.AJ.gen!Eldorado 20130405
Comodo TrojWare.Win32.Kryptik.ABJJ 20130405
DrWeb Win32.HLLW.Autoruner.37980 20130405
Emsisoft Worm.Generic.373584 (B) 20130405
eSafe Win32.TRCrypt.XPACK 20130403
ESET-NOD32 a variant of Win32/Kryptik.ACHK 20130405
F-Prot W32/AutoRun.AJ.gen!Eldorado 20130405
F-Secure Worm.Generic.373584 20130405
Fortinet W32/Zbot.CGZF!tr 20130405
GData Worm.Generic.373584 20130405
Ikarus Trojan.Win32.Lethic 20130405
Jiangmin TrojanDownloader.Injecter.dky 20130405
K7AntiVirus EmailWorm 20130404
Kaspersky Worm.Win32.Ngrbot.kpb 20130405
Kingsoft Win32.Malware.Heur_Generic.A.(kcloud) 20130401
Malwarebytes Trojan.Agent 20130405
McAfee Generic.dx!bdk4 20130405
McAfee-GW-Edition Heuristic.BehavesLike.Win32.Suspicious.H 20130405
Microsoft Trojan:Win32/Lethic.F 20130405
NANO-Antivirus Trojan.Win32.Autoruner.rjrws 20130404
Norman Krypt.FY 20130404
nProtect Worm.Generic.373584 20130405
Panda Generic Trojan 20130405
PCTools Malware.Pilleuz!rem 20130405
Sophos AV W32/Ngrbot-F 20130405
SUPERAntiSpyware Trojan.Agent/Gen-FraudPE 20130405
Symantec W32.Pilleuz 20130405
TheHacker Trojan/Downloader.Injecter.jjo 20130404
TotalDefense Win32/Dorkbot.K!generic 20130404
TrendMicro WORM_NGRBOT.TU 20130405
TrendMicro-HouseCall WORM_NGRBOT.TU 20130405
VBA32 TrojanDownloader.Injecter 20130405
VIPRE Trojan.Win32.Autorun.as (v) 20130405
ViRobot Backdoor.Win32.A.Inject.20440.B 20130405
ByteHero 20130322
eScan 20130405
Rising 20130403
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Publisher hitachi corp.
Product hitachi
Original name DIALER.EXE
Internal name DIALER.EXE
Description hitachi Phone Dialer
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-03-05 19:50:42
Entry Point 0x00001046
Number of sections 5
PE sections
PE imports
Number of PE resources by type
RT_ICON 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL DEFAULT 2
ENGLISH US 2
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2009:03:05 19:50:42+00:00
FileType Win32 EXE
PEType PE32
CodeSize 512
LinkerVersion 7.1
Warning Error processing PE data dictionary
EntryPoint 0x1046
InitializedDataSize 120832
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 81920
Compressed bundles
File identification
MD5 80039b387a37f852982a2eb18cfc6b4c
SHA1 857a078ed3c658c70981d4735673cd37f62d7d4e
SHA256 465e6358d18905d0c1c36ee193886fc595538e1721ffda56b67c247dab038ba7
ssdeep 768:SREN95LjChylXfNvp0TOraL55iwEMj285snb4xUda4m4QgfYdnAAMt:0Ef5PChylVmSrs55iwEc28WWUdcwuZ
File size 39.5 KB ( 40448 bytes )
File type Win32 EXE
Magic literal MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit
TrID Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
Tags peexe mz usb-autorun
VirusTotal metadata
First submission 2012-03-10 06:27:24 UTC ( 6 years, 11 months ago )
Last submission 2013-04-05 12:15:44 UTC ( 5 years, 10 months ago )
File names file-3779913_ex_
MP18982.EXE
aa
mp18982.exe
7153E372003051049E14006740934B00120F38BC.tmp
1002-857a078ed3c658c70981d4735673cd37f62d7d4e
DIALER.EXE
395A.hta
file
Jdzh.dwg