SHA256: 4a7d609cdee0a1eaac83186fa54b07aad0e96644e37aedd17044483bfada0131
File name: 4a7d609cdee0a1eaac83186fa54b07aad0e96644e37aedd17044483bfada0131
Detection ratio: 10 / 54
Analysis date: 2016-02-11 05:26:48 UTC ( 3 years ago )
Antivirus Result Update
AegisLab Troj.Crypt.Zpack!c 20160211
AVG Agent5.AKLO 20160211
Avira (no cloud) TR/Crypt.ZPACK.212261 20160211
ESET-NOD32 Win32/Qadars.AO 20160211
Fortinet W32/Qadars.AO!tr 20160211
McAfee Artemis!4A28C3ABF668 20160211
McAfee-GW-Edition Artemis 20160211
NANO-Antivirus Trojan.Win32.ZPACK.eafbue 20160211
Qihoo-360 HEUR/QVM09.0.Malware.Gen 20160211
Rising PE:Malware.XPACK-HIE/Heur!1.9C48 [F] 20160210
Ad-Aware 20160211
Yandex 20160210
AhnLab-V3 20160210
Alibaba 20160204
Antiy-AVL 20160211
Arcabit 20160211
Avast 20160211
Baidu-International 20160210
BitDefender 20160211
Bkav 20160204
ByteHero 20160211
CAT-QuickHeal 20160211
ClamAV 20160210
CMC 20160205
Comodo 20160211
Cyren 20160211
DrWeb 20160211
Emsisoft 20160211
F-Prot 20160211
F-Secure 20160211
GData 20160211
Ikarus 20160211
Jiangmin 20160211
K7AntiVirus 20160210
K7GW 20160211
Kaspersky 20160210
Malwarebytes 20160211
Microsoft 20160211
eScan 20160211
nProtect 20160205
Panda 20160210
Sophos AV 20160211
SUPERAntiSpyware 20160211
Symantec 20160210
Tencent 20160211
TheHacker 20160210
TotalDefense 20160210
TrendMicro 20160211
TrendMicro-HouseCall 20160211
VBA32 20160210
VIPRE 20160211
ViRobot 20160211
Zillya 20160210
Zoner 20160211
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2002-2014 LabTech Software
Product Milecomplete
File version 14.3.7417.2920
Description Milecomplete Sentfind
Comments Drinkteeth matchwith
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2006-06-12 07:58:05
Entry Point 0x0001C7AD
Number of sections 4
PE sections
PE imports
RegOpenKeyExA
RegCreateKeyA
RegQueryValueExA
RegCloseKey
GetDeviceCaps
SetAbortProc
EndDoc
CombineRgn
AbortDoc
SetRectRgn
GetSystemTime
GetLastError
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
FindFirstChangeNotificationA
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
HeapAlloc
TlsAlloc
FlushFileBuffers
GetEnvironmentStringsW
GetVersionExA
LoadLibraryA
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetDateFormatA
GetEnvironmentStrings
GetLocaleInfoA
LocalAlloc
OpenProcess
WideCharToMultiByte
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
GetStringTypeA
GetProcessHeap
GetCPInfo
TlsFree
GetModuleHandleA
GetCurrentProcessId
SetUnhandledExceptionFilter
WriteFile
GetCurrentProcess
MapUserPhysicalPagesScatter
GetSystemTimeAsFileTime
GetVolumeInformationA
GetACP
HeapReAlloc
GetStringTypeW
HeapDestroy
LocalFree
TerminateProcess
LCMapStringA
SetHandleCount
InitializeCriticalSection
LoadResource
VirtualFree
CreateEventA
InterlockedDecrement
Sleep
GetFileType
GetTickCount
TlsSetValue
CreateFileA
ExitProcess
GetCurrentThreadId
LeaveCriticalSection
VirtualAlloc
HeapCreate
SetLastError
InterlockedIncrement
ReleaseDC
CreateWindowExA
GetWindowLongA
EnumWindows
GetClassInfoExA
DefWindowProcA
CallNextHookEx
WSASocketA
WSAConnect
WSACloseEvent
WSAWaitForMultipleEvents
WSACleanup
WSAStartup
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 4.0
Comments Drinkteeth matchwith
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 14.3.7417.2920
LanguageCode Neutral
FileFlagsMask 0x0000
FileDescription Milecomplete Sentfind
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 53248
EntryPoint 0x1c7ad
MIMEType application/octet-stream
LegalCopyright Copyright 2002-2014 LabTech Software
FileVersion 14.3.7417.2920
TimeStamp 2006:06:12 08:58:05+01:00
FileType Win32 EXE
PEType PE32
UninitializedDataSize 0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName LabTech Software
CodeSize 139264
ProductName Milecomplete
ProductVersionNumber 14.3.7417.2920
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 4a28c3abf668eb4a39c7daa5b233ae03
SHA1 65bca612ee556e7feaae455ab0f3173ef2acd43e
SHA256 4a7d609cdee0a1eaac83186fa54b07aad0e96644e37aedd17044483bfada0131
ssdeep 3072:9UbJMaJSDmc6u6QQ2Hqx2oc78sCqPXDgA0oNVtyRX2DAvIdtHB90tF+:mKiu6Qqf3DqPX0A0oQRQXTv
authentihash ca5e6a248fd80c2fbaf8e0a00b6fe969ef70e994ecad65a5e1eea0125733f556
imphash d68d5c2ff76a9dac8f769fea513c8003
File size 168.0 KB ( 172032 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags peexe
VirusTotal metadata
First submission 2016-02-11 01:03:38 UTC ( 3 years ago )
Last submission 2018-03-05 21:19:09 UTC ( 11 months, 2 weeks ago )
File names 51BD.TMP.EXE
Advanced heuristic and reputation engines
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications