× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 4d281e126285a81cfbef8da104d7e7c74cc51a3b4f0fb99df50a381ef42e5819
File name: BWRaeper.exe
Detection ratio: 15 / 41
Analysis date: 2009-06-04 18:02:35 UTC ( 4 years, 10 months ago ) View latest
Antivirus Result Update
AntiVir Worm/AutoIt.AA 20090604
BitDefender Win32.Worm.AutoIt.AA 20090604
CAT-QuickHeal Trojan.Agent.IRC 20090604
Comodo Unclassified Malware 20090604
Fortinet PossibleThreat 20090604
GData Win32.Worm.AutoIt.AA 20090604
K7AntiVirus Trojan.Win32.Malware.1 20090604
McAfee+Artemis Artemis!A2C3236951A2 20090603
McAfee-GW-Edition Worm.AutoIt.AA 20090604
Panda Suspicious file 20090603
Prevx High Risk Worm 20090604
Sophos Mal/Generic-A 20090604
Sunbelt Worm.Autoit.AA 20090603
a-squared Worm.Autoit.AA!IK 20090604
eSafe Win32.Banker 20090604
AVG 20090604
AhnLab-V3 20090604
Antiy-AVL 20090604
Authentium 20090603
Avast 20090604
ClamAV 20090604
DrWeb 20090604
F-Prot 20090603
F-Secure 20090604
Ikarus 20090604
Kaspersky 20090604
McAfee 20090604
Microsoft 20090604
NOD32 20090604
NOD32Beta 20090604
Norman 20090603
PCTools 20090602
Rising 20090604
Symantec 20090604
TheHacker 20090603
TrendMicro 20090604
VBA32 20090603
ViRobot 20090604
VirusBuster 20090604
eTrust-Vet 20090604
nProtect 20090604
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Copyright
Copyright (c) 2007

Product BWRaeper
Original name BWRaeper.exe
Internal name BWRaeper.exe
File version 1.0.0.0
Description BWRaeper
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-06-23 10:47:55
Entry Point 0x0000540E
Number of sections 3
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
8192

FileOS
Win32

MIMEType
application/octet-stream

LegalCopyright
Copyright 2007

FileVersion
1.0.0.0

TimeStamp
2007:06:23 11:47:55+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
BWRaeper.exe

ProductVersion
1.0.0.0

FileDescription
BWRaeper

OSVersion
4.0

OriginalFilename
BWRaeper.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
16384

ProductName
BWRaeper

ProductVersionNumber
1.0.0.0

EntryPoint
0x540e

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 a2c3236951a25c9fd74fa1708c5a8adc
SHA1 53a00f20bbd39e80f63a33368f6f1c7b040fc5de
SHA256 4d281e126285a81cfbef8da104d7e7c74cc51a3b4f0fb99df50a381ef42e5819
ssdeep
384:v3MatqAsOaC7UoPdUAf8Iw/aIpZnU4uJkYC:v1kIwaqOkYC

File size 28.0 KB ( 28672 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win64 Executable Generic (48.0%)
Generic CIL Executable (.NET, Mono, etc.) (41.1%)
Windows Screen Saver (7.3%)
Win16/32 Executable Delphi generic (1.1%)
Generic Win/DOS Executable (1.1%)
Tags
peexe

VirusTotal metadata
First submission 2008-06-05 22:38:51 UTC ( 5 years, 10 months ago )
Last submission 2012-12-10 20:31:08 UTC ( 1 year, 4 months ago )
File names 53a00f20bbd39e80f63a33368f6f1c7b040fc5de.bin
file-21959_exe
BWRaeper.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!