SHA256: 48ba5fdac383eb5634d325130b155fa472358f5f1a522960b6a9f99c83802f25
File name: ajustes.ttm
Detection ratio: 14 / 57
Analysis date: 2016-04-15 05:42:08 UTC ( 2 years, 11 months ago )
Antivirus Result Update
AegisLab Troj.W32.Inject!c 20160415
Avast Win32:Trojan-gen 20160415
AVG Downloader.Generic14.AROB 20160415
Avira (no cloud) TR/Crypt.ZPACK.omcj 20160414
Bkav HW32.Packed.3DDA 20160414
ESET-NOD32 Win32/TrojanDownloader.Agent.CCA 20160415
Kaspersky Trojan.Win32.Inject.wblk 20160415
Malwarebytes Trojan.Sharik 20160415
McAfee Artemis!9269552F8801 20160415
McAfee-GW-Edition BehavesLike.Win32.BadFile.nh 20160415
Qihoo-360 Win32/Trojan.6e7 20160415
Rising PE:Malware.Generic(Thunder)!1.A1C4 [F] 20160415
Sophos AV Mal/Generic-S 20160414
Tencent Win32.Trojan-downloader.Agent.Hror 20160415
Ad-Aware 20160415
AhnLab-V3 20160414
Alibaba 20160415
ALYac 20160415
Antiy-AVL 20160415
Arcabit 20160415
AVware 20160415
Baidu 20160414
Baidu-International 20160414
BitDefender 20160415
CAT-QuickHeal 20160415
ClamAV 20160414
CMC 20160412
Comodo 20160415
Cyren 20160415
DrWeb 20160415
Emsisoft 20160415
F-Prot 20160415
F-Secure 20160415
Fortinet 20160413
GData 20160415
Ikarus 20160414
Jiangmin 20160415
K7AntiVirus 20160414
K7GW 20160415
Kingsoft 20160415
Microsoft 20160415
eScan 20160415
NANO-Antivirus 20160415
nProtect 20160414
Panda 20160414
SUPERAntiSpyware 20160415
Symantec 20160415
TheHacker 20160414
TotalDefense 20160415
TrendMicro 20160415
TrendMicro-HouseCall 20160415
VBA32 20160414
VIPRE 20160415
ViRobot 20160415
Yandex 20160414
Zillya 20160415
Zoner 20160415
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Google Inc. ©. All rights reserved.

Product MyprivatekeyReservations
Original name MyprivatekeyReservations
Internal name MyprivatekeyReservations
File version 6.5.3.2
Description Ascii Attack
Comments Ascii Attack
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-04-13 13:17:49
Entry Point 0x00002777
Number of sections 7
PE sections
PE imports
ImageList_Create
ImageList_Add
FindTextA
GetDeviceCaps
CreateDCA
RestoreDC
SetROP2
DeleteDC
SetBkMode
SelectObject
GetTextExtentPoint32A
CreateFontA
SaveDC
SetPixel
CreateFontIndirectA
CreateSolidBrush
SetStretchBltMode
TextOutA
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
SetTextColor
GetObjectA
GetLastError
QueryPerformanceCounter
IsDebuggerPresent
GetTickCount
LoadLibraryA
GetCommState
GetStartupInfoA
LoadLibraryExA
GetCurrentProcessId
UnhandledExceptionFilter
GetProcAddress
InterlockedCompareExchange
ReadFile
InterlockedExchange
SetUnhandledExceptionFilter
GetCurrentProcess
CloseHandle
GetSystemTimeAsFileTime
TerminateProcess
SetCommState
HeapCreate
SetFileApisToOEM
Sleep
CreateFileA
GetCurrentThreadId
LocalAlloc
__p__fmode
_crt_debugger_hook
wprintf
memset
__dllonexit
_cexit
_controlfp_s
printf
_invoke_watson
strlen
_amsg_exit
?terminate@@YAXXZ
_ismbcspace
?_type_info_dtor_internal_method@type_info@@QAEXXZ
fabs
_lock
_onexit
exit
_XcptFilter
_encode_pointer
__setusermatherr
_initterm_e
_adjust_fdiv
sprintf
_acmdln
_ismbblead
_unlock
__p__commode
??3@YAXPAX@Z
_except_handler4_common
__getmainargs
_initterm
_chdrive
_decode_pointer
strcpy
_configthreadlocale
_exit
strcmp
__set_app_type
Ord(24)
Ord(75)
UpdateWindow
SetMenuItemBitmaps
BeginPaint
CreateIconIndirect
CopyIcon
SetSystemCursor
ShowWindow
DefWindowProcA
CheckMenuRadioItem
LoadBitmapA
DestroyIcon
EndPaint
GetCursorInfo
MessageBoxA
InsertMenuItemA
ReleaseDC
GetIconInfo
GetMenu
SendMessageA
GetDlgItem
CreateDialogParamA
wsprintfA
LoadCursorA
LoadIconA
DrawTextA
GetMenuItemInfoA
IsWindowUnicode
GetClassNameA
FillRect
GetWindowTextA
RegisterClassExA
GdipLoadImageFromFile
GdiplusShutdown
GdipDisposeImage
GdipSaveImageToFile
GdipAlloc
GdipFree
GdipCloneImage
GdiplusStartup
PdhCloseQuery
PdhOpenLogA
PdhCollectQueryData
PdhAddCounterA
PdhAddCounterW
PdhUpdateLogA
PdhGetFormattedCounterValue
PdhOpenQueryA
PdhCloseLog
PE exports
Number of PE resources by type
RT_STRING 21
RT_ACCELERATOR 1
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 24
PE resources
Debug information
ExifTool file metadata
LegalTrademarks
Google Inc. . All rights reserved.

SubsystemVersion
5.0

Comments
Ascii Attack

Languages
English

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
6.5.3.2

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Ascii Attack

CharacterSet
Unicode

InitializedDataSize
76800

PrivateBuild
6.5.3.2

EntryPoint
0x2777

OriginalFileName
MyprivatekeyReservations

MIMEType
application/octet-stream

LegalCopyright
Google Inc. . All rights reserved.

FileVersion
6.5.3.2

TimeStamp
2016:04:13 15:17:49+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
MyprivatekeyReservations

ProductVersion
6.5.3.2

UninitializedDataSize
0

OSVersion
5.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Google Inc.

CodeSize
15360

ProductName
MyprivatekeyReservations

ProductVersionNumber
6.5.3.2

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 9269552f88015699c3943084a94edbac
SHA1 8b4c0f70ede5bf5ae626f06475f68d9f13609c87
SHA256 48ba5fdac383eb5634d325130b155fa472358f5f1a522960b6a9f99c83802f25
ssdeep
1536:pu7AHkSEhQ9UJNBkPasuC4bPAmvCwjxIT7QxOt1wsMtxZnn:UKkSO/BHsu7EmvCwjyTMxOt1wsmjn

imphash 6a5b2dfdb99757be2a8bae3aa8045d89
File size 91.0 KB ( 93184 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe

VirusTotal metadata
First submission 2016-04-14 21:44:34 UTC ( 2 years, 11 months ago )
Last submission 2018-05-15 03:26:53 UTC ( 10 months, 1 week ago )
File names ajustes.ttm
MyprivatekeyReservations
enasDTO.scr
9269552f88015699c3943084a94edbac
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: TROJ_GEN.R021C0DDG16.

Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Created processes
Opened mutexes
Runtime DLLs
UDP communications