SHA256: 49df8d2890a96b96b96e49e82d387b794e773abaeeb192e0f3f0e3ad4d58a3cd
File name: vt-upload-Pl4Ng
Detection ratio: 23 / 54
Analysis date: 2014-08-04 15:30:22 UTC ( 4 years, 7 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Zusy.100061 20140804
AntiVir TR/Crypt.Xpack.95004 20140804
Antiy-AVL Trojan[:HEUR]/Win32.AGeneric 20140804
Avast Win32:Malware-gen 20140804
AVware Trojan.Win32.Generic!BT 20140804
BitDefender Gen:Variant.Zusy.100061 20140804
Emsisoft Gen:Variant.Zusy.100061 (B) 20140804
ESET-NOD32 a variant of Win32/Kryptik.CGYK 20140804
F-Secure Gen:Variant.Zusy.100061 20140804
Fortinet W32/Generic.CGYK!tr 20140804
GData Gen:Variant.Zusy.100061 20140804
Ikarus Trojan.Win32.Kryptik 20140804
Kaspersky HEUR:Trojan.Win32.Generic 20140804
Malwarebytes Spyware.Zbot.VXGen 20140804
McAfee RDN/Generic PWS.y!b2o 20140804
McAfee-GW-Edition RDN/Generic PWS.y!b2o 20140804
Microsoft PWS:Win32/Zbot 20140804
eScan Gen:Variant.Zusy.100061 20140804
Panda Trj/Chgt.A 20140804
Sophos AV Mal/Generic-S 20140804
TrendMicro TROJ_GEN.R0CBC0DH114 20140804
TrendMicro-HouseCall TROJ_GEN.R0CBC0DH114 20140804
VIPRE Trojan.Win32.Generic!BT 20140804
AegisLab 20140804
Yandex 20140804
AhnLab-V3 20140804
AVG 20140804
Baidu-International 20140804
Bkav 20140804
ByteHero 20140804
CAT-QuickHeal 20140804
ClamAV 20140804
CMC 20140804
Commtouch 20140804
Comodo 20140804
DrWeb 20140804
F-Prot 20140804
Jiangmin 20140804
K7AntiVirus 20140804
K7GW 20140804
Kingsoft 20140804
NANO-Antivirus 20140804
Norman 20140804
nProtect 20140804
Qihoo-360 20140804
Rising 20140804
SUPERAntiSpyware 20140804
Symantec 20140804
Tencent 20140804
TheHacker 20140803
TotalDefense 20140804
VBA32 20140804
ViRobot 20140804
Zoner 20140729
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2013 Almico software
Publisher Almico software
Product CRS Createring Rebuilding Sooftware
Original name crs crrebso
Internal name crs manip softw
File version 1.0.8.1
Description CRS Createring Rebuilding Sooftware
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-07-16 19:54:49
Entry Point 0x000037BE
Number of sections 5
PE sections
PE imports
RegCloseKey
OpenSCManagerW
RegQueryValueExW
RegOpenKeyExW
Ord(17)
ImageList_GetIconSize
GetTextMetricsW
SetMapMode
CombineRgn
SetStretchBltMode
GetObjectA
GetMapMode
BitBlt
CreateBitmapIndirect
RealizePalette
FillRgn
GetTextExtentPoint32W
CreatePalette
CreateBrushIndirect
SetViewportOrgEx
SelectPalette
SetTextAlign
SelectClipRgn
CreateCompatibleDC
CreateFontW
SelectObject
AddFontResourceExW
GetStockObject
BeginPath
DeleteObject
CreateCompatibleBitmap
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetSystemTimeAsFileTime
EnterCriticalSection
LCMapStringW
SetHandleCount
GetModuleFileNameW
GlobalFree
GetConsoleCP
SetEvent
QueryPerformanceCounter
HeapAlloc
ExitProcess
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
RtlUnwind
GetStdHandle
DeleteCriticalSection
GetCurrentProcess
GetStartupInfoW
GetConsoleMode
DecodePointer
GetCurrentProcessId
GetModuleHandleW
WideCharToMultiByte
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCommandLineA
WaitForMultipleObjects
EncodePointer
GetProcessHeap
SetStdHandle
CompareStringW
GetCPInfo
LoadLibraryW
TlsFree
SetFilePointer
HeapSetInformation
GetCurrentThreadId
SetUnhandledExceptionFilter
WriteFile
InterlockedIncrement
CloseHandle
IsProcessorFeaturePresent
GetACP
HeapReAlloc
GetStringTypeW
OutputDebugStringA
SetEnvironmentVariableA
GetOEMCP
IsDebuggerPresent
TerminateProcess
GetTimeZoneInformation
IsValidCodePage
HeapCreate
SetLastError
CreateFileW
GlobalAlloc
GetEnvironmentVariableW
TlsGetValue
Sleep
GetFileType
EnumDateFormatsA
TlsSetValue
GetTickCount
GetVersion
GetDefaultCommConfigA
GetProcAddress
LocalAlloc
WriteConsoleW
LeaveCriticalSection
SysAllocString
PathFileExistsW
PathIsRelativeW
ColorRGBToHLS
SetFocus
GetForegroundWindow
GetParent
UpdateWindow
EndDialog
BeginPaint
OffsetRect
GetClassInfoExA
CreatePopupMenu
ShowWindow
SetWindowPos
SendDlgItemMessageA
GetSystemMetrics
SetScrollRange
EndPaint
SetDlgItemTextA
MessageBoxA
SendDlgItemMessageW
MessageBoxW
GetDlgItemInt
CheckDlgButton
GetDC
RegisterClassExA
ReleaseDC
GetDlgCtrlID
SetWindowTextA
CheckMenuItem
GetLastActivePopup
AnyPopup
GetClientRect
GetDlgItem
SetMenuDefaultItem
IsWindow
SetRect
InvalidateRect
InsertMenuA
FillRect
GetDesktopWindow
IsWindowUnicode
IsMenu
GetUpdateRect
DestroyWindow
OleUninitialize
CoUninitialize
CoInitialize
OleInitialize
CoCreateInstance
CoTaskMemFree
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion 5.1
LinkerVersion 10.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.0.8.1
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 139264
FileOS Windows NT 32-bit
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2013 Almico software
FileVersion 1.0.8.1
TimeStamp 2014:07:16 19:54:49+00:00
FileType Win32 EXE
PEType PE32
InternalName crs manip softw
FileAccessDate 2014:08:04 15:29:22+00:00
ProductVersion 1.0.8.1
FileDescription CRS Createring Rebuilding Sooftware
OSVersion 5.1
FileCreateDate 2014:08:04 15:29:22+00:00
OriginalFilename crs crrebso
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Almico software
CodeSize 65536
ProductName CRS Createring Rebuilding Sooftware
ProductVersionNumber 1.0.8.1
EntryPoint 0x37be
ObjectFileType Executable application

File identification
MD5 2649a4ecda151b85523cdb879ca0204c
SHA1 03eb71b2e167a23b18295435e28288135aa7e9ac
SHA256 49df8d2890a96b96b96e49e82d387b794e773abaeeb192e0f3f0e3ad4d58a3cd
ssdeep 6144:g+iGJ7jz9bknTu4qGcBlKdJAfrjHbjoL:g+iGJ7P9bk1qGcBoArjvo
imphash fe04105d98b4dc3ef9abdd9563168556
File size 201.0 KB ( 205824 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386
TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.3%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags peexe
VirusTotal metadata
First submission 2014-08-04 15:30:22 UTC ( 4 years, 7 months ago )
Last submission 2014-08-04 15:30:22 UTC ( 4 years, 7 months ago )
File names crs crrebso
vt-upload-Pl4Ng
crs manip softw