SHA256: 4b72c8316994764c1d414ffe99fdae1d711ba7a30c82c317b74cca69d51f659f
File name: stsvc.exe
Detection ratio: 28 / 68
Analysis date: 2018-01-10 12:02:16 UTC ( 1 year, 2 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Johnnie.85931 20180110
Arcabit Trojan.Johnnie.D14FAB 20180110
Avast Win32:Malware-gen 20180110
AVG Win32:Malware-gen 20180110
Avira (no cloud) TR/Dropper.VB.wdbvw 20180110
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9995 20180110
BitDefender Gen:Variant.Johnnie.85931 20180110
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20171016
Cybereason malicious.caaa74 20171103
Cylance Unsafe 20180110
Emsisoft Gen:Variant.Johnnie.85931 (B) 20180110
Endgame malicious (high confidence) 20171130
ESET-NOD32 a variant of Win32/GenKryptik.BLOQ 20180110
GData Gen:Variant.Johnnie.85931 20180110
Sophos ML heuristic 20170914
Jiangmin Backdoor.Androm.vug 20180110
Kaspersky Backdoor.Win32.Androm.ovqo 20180110
MAX malware (ai score=86) 20180110
McAfee Artemis!68A633EC2861 20180110
McAfee-GW-Edition BehavesLike.Win32.Vilsel.dh 20180110
eScan Gen:Variant.Johnnie.85931 20180110
Palo Alto Networks (Known Signatures) generic.ml 20180110
Panda Trj/RnkBend.A 20180109
Qihoo-360 HEUR/QVM03.0.6ED7.Malware.Gen 20180110
SentinelOne (Static ML) static engine - malicious 20171224
VIPRE Trojan.Win32.Generic!BT 20180110
Webroot W32.Adware.Gen 20180110
ZoneAlarm by Check Point Backdoor.Win32.Androm.ovqo 20180110
AegisLab 20180110
AhnLab-V3 20180110
Alibaba 20180110
ALYac 20180110
Antiy-AVL 20180110
Avast-Mobile 20180110
AVware 20180103
Bkav 20180106
CAT-QuickHeal 20180110
ClamAV 20180110
CMC 20180110
Comodo 20180110
Cyren 20180110
DrWeb 20180110
eGambit 20180110
F-Prot 20180110
F-Secure 20180110
Fortinet 20180110
Ikarus 20180110
K7AntiVirus 20180110
K7GW 20180110
Kingsoft 20180110
Malwarebytes 20180110
Microsoft 20180110
NANO-Antivirus 20180110
nProtect 20180110
Rising 20180110
Sophos AV 20180110
SUPERAntiSpyware 20180110
Symantec 20180110
Symantec Mobile Insight 20180110
Tencent 20180110
TheHacker 20180108
TotalDefense 20180110
TrendMicro 20180110
TrendMicro-HouseCall 20180110
Trustlook 20180110
VBA32 20180110
ViRobot 20180110
WhiteArmor 20180110
Yandex 20180109
Zillya 20180108
Zoner 20180110
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright PT. it-comp ©2008 - 2017
Product IdeaVb
Original name IdeaVB.exe
Internal name IdeaVB
File version 1.00.0002
Description But a bigger problem is that employers know why people get a PhD in comp Lit or Religious Studies
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-01-09 15:41:40
Entry Point 0x00001150
Number of sections 3
PE sections
PE imports
EVENT_SINK_QueryInterface
Ord(645)
Ord(537)
Ord(648)
Ord(516)
EVENT_SINK_Invoke
Ord(617)
EVENT_SINK_AddRef
Ord(650)
Ord(300)
EVENT_SINK_GetIDsOfNames
Ord(600)
__vbaExceptHandler
Ord(632)
MethCallEngine
DllFunctionCall
Zombie_GetTypeInfoCount
Ord(100)
Zombie_GetTypeInfo
Ord(599)
Ord(608)
Ord(519)
Ord(571)
Ord(573)
ProcCallEngine
Ord(606)
EVENT_SINK_Release
Ord(595)
Ord(593)
Ord(306)
Ord(644)
Ord(631)
Number of PE resources by type
RT_ICON 6
AVI26587413 2
RT_STRING 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 7
GERMAN LUXEMBOURG 2
RUSSIAN 1
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 6.0
ImageVersion 1.0
FileSubtype 0
FileVersionNumber 1.0.0.2
LanguageCode English (U.S.)
FileFlagsMask 0x0000
FileDescription But a bigger problem is that employers know why people get a PhD in comp Lit or Religious Studies
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
CharacterSet Unicode
InitializedDataSize 131072
EntryPoint 0x1150
OriginalFileName IdeaVB.exe
MIMEType application/octet-stream
LegalCopyright PT. it-comp 2008 - 2017
FileVersion 1.00.0002
TimeStamp 2018:01:09 16:41:40+01:00
FileType Win32 EXE
PEType PE32
InternalName IdeaVB
ProductVersion 1.00.0002
SubsystemVersion 4.0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 102400
ProductName IdeaVb
ProductVersionNumber 1.0.0.2
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 68a633ec2861d25d2095267f97b5e2bd
SHA1 166d327caaa742837065f2ba217a52de4b66957b
SHA256 4b72c8316994764c1d414ffe99fdae1d711ba7a30c82c317b74cca69d51f659f
ssdeep 6144:e1I5SHvDn5SHvDxTjCzmLofQFFP5SHvDn5SHvDz:8vyvlTjufcFevyvP
authentihash 122a0d7041e5511c3d8930313f8339c24ed95e13103d729efa887f3e5f29b22d
imphash 1c704fdccaa9db328b16d61da5ef13fe
File size 232.0 KB ( 237568 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable Microsoft Visual Basic 6 (88.6%)
Win32 Executable (generic) (4.8%)
OS/2 Executable (generic) (2.1%)
Generic Win/DOS Executable (2.1%)
DOS Executable Generic (2.1%)
Tags peexe
VirusTotal metadata
First submission 2018-01-10 12:02:16 UTC ( 1 year, 2 months ago )
Last submission 2018-05-10 03:49:46 UTC ( 10 months, 2 weeks ago )
File names IdeaVB.exe, stsvc.exe, IdeaVB