× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 489f68646a424ebac7ded1b263b87b31c9e2b3f93ce242b38a219d4b07c29bb8
File name: iNFnfoView.exe
Detection ratio: 46 / 67
Analysis date: 2018-07-22 20:17:56 UTC ( 10 months ago )
Antivirus Result Update
Ad-Aware Trojan.Generic.1836452 20180722
AegisLab Troj.GameThief.W32.OnLineGames.kZce 20180722
AhnLab-V3 Win-Trojan/OnlineGameHack.B 20180721
ALYac Trojan.Generic.1836452 20180722
Arcabit Trojan.Generic.D1C05A4 20180722
AVware Trojan.Win32.Packer.Upack0.3.9 (ep) 20180722
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9991 20180717
BitDefender Trojan.Generic.1836452 20180722
Bkav W32.OnGamesLT180912HKGHAAI.Trojan 20180719
ClamAV Win.Trojan.Onlinegames-44 20180722
CMC Trojan-GameThief.Win32.OnLineGames!O 20180722
Comodo Packed.Win32.MUPACK.~KW 20180722
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180530
Cylance Unsafe 20180722
Cyren W32/SuspPack.CY.gen!Eldorado 20180722
Emsisoft Trojan.Generic.1836452 (B) 20180722
Endgame malicious (high confidence) 20180711
F-Prot W32/SuspPack.CY.gen!Eldorado 20180722
F-Secure Trojan.Generic.1836452 20180722
Fortinet W32/Mmorpg.S!tr.pws 20180722
GData Trojan.Generic.1836452 20180722
Ikarus Trojan-PWS.Win32.OnLineGames 20180722
Sophos ML heuristic 20180717
Jiangmin TrojanDownloader.Small.almc 20180722
K7AntiVirus Trojan ( 003b1b581 ) 20180722
K7GW Trojan ( 003b1b581 ) 20180722
MAX malware (ai score=98) 20180722
McAfee Artemis!6EE4823C5BAD 20180722
McAfee-GW-Edition Artemis!Trojan 20180722
Microsoft Trojan:Win32/Meredrop 20180722
eScan Trojan.Generic.1836452 20180722
NANO-Antivirus Trojan.Win32.Agent.cyswvh 20180722
Panda Trj/Pupack.A 20180722
Qihoo-360 HEUR/QVM14.0.Malware.Gen 20180722
Rising Trojan.Win32.Generic.137BCC78 (C64:YzY0Ojnjr7PcV0jL) 20180722
SentinelOne (Static ML) static engine - malicious 20180701
Sophos AV Mal/Generic-S 20180722
Symantec Trojan.Gen.2 20180722
Tencent Win32.Trojan.Xed.Wuho 20180722
TheHacker W32/Behav-Heuristic-060 20180722
TotalDefense Win32/Dogbab!generic 20180722
TrendMicro Cryp_Xed-12 20180722
TrendMicro-HouseCall Cryp_Xed-12 20180722
VIPRE Trojan.Win32.Packer.Upack0.3.9 (ep) 20180722
Webroot W32.Malware.Heur 20180722
Yandex Packed/Upack 20180720
Alibaba 20180713
Antiy-AVL 20180722
Avast 20180722
Avast-Mobile 20180722
AVG 20180722
Avira (no cloud) 20180722
Babable 20180406
CAT-QuickHeal 20180722
DrWeb 20180722
eGambit 20180722
ESET-NOD32 20180722
Kaspersky 20180722
Kingsoft 20180722
Malwarebytes 20180722
Palo Alto Networks (Known Signatures) 20180722
SUPERAntiSpyware 20180722
TACHYON 20180722
Trustlook 20180722
VBA32 20180720
ViRobot 20180722
Zillya 20180720
ZoneAlarm by Check Point 20180722
Zoner 20180721
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
F-PROT UPack
PEiD WinUpack v0.39 final -> By Dwing (c)2005 (h1)
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-01-23 23:39:42
Entry Point 0x00001018
Number of sections 3
PE sections
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 2
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2004:01:24 00:39:42+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
1766614113

LinkerVersion
76.111

FileTypeExtension
exe

InitializedDataSize
1918988898

SubsystemVersion
4.0

EntryPoint
0x1018

OSVersion
4.0

ImageVersion
0.57

UninitializedDataSize
16761

File identification
MD5 6ee4823c5bada23d6a0b990a714f623e
SHA1 0c0dd206c17fb5404831e293977f672a63d22ca2
SHA256 489f68646a424ebac7ded1b263b87b31c9e2b3f93ce242b38a219d4b07c29bb8
ssdeep
96:IdupDaN0DiL0L+NVCNlsomEs+EpQ3tZNZV1aTap:0upxYg0omEs+EpmtYap

authentihash 9317bffa986adaa1dbeedffbee4bfe4f92eda83523d3f8e9c6dab5cd653e7ba1
File size 6.1 KB ( 6280 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable, MZ for MS-DOS

TrID DOS Executable Generic (100.0%)
Tags
peexe upack

VirusTotal metadata
First submission 2009-06-02 13:04:52 UTC ( 9 years, 11 months ago )
Last submission 2018-07-22 20:17:56 UTC ( 10 months ago )
File names iNFnfoView.exe
bfjHS2x1W.pdf
aa
test.txt
u7X9aJN.dotm
Behaviour characterization
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Runtime DLLs