SHA256: 4d988335170d2922d6d68d2c6387617c6d53bb12983859436fbf31b65a541887
File name: m.exe
Detection ratio: 19 / 55
Analysis date: 2015-10-29 08:48:36 UTC (1 year, 6 months ago)
Antivirus Result Update
Ad-Aware Trojan.GenericKD.2832472 20151029
Arcabit Trojan.Generic.D2B3858 20151029
Avast Win32:Malware-gen 20151029
BitDefender Trojan.GenericKD.2832472 20151029
Emsisoft Trojan.GenericKD.2832472 (B) 20151029
ESET-NOD32 a variant of Win32/Injector.CLIP 20151029
F-Secure Trojan.GenericKD.2832472 20151029
GData Trojan.GenericKD.2832472 20151029
Ikarus Trojan.Win32.Injector 20151029
K7AntiVirus Trojan ( 004d546c1 ) 20151029
K7GW Trojan ( 004d546c1 ) 20151029
Kaspersky Trojan.Win32.Yakes.mzzo 20151029
McAfee Artemis!EFC7210F7DBC 20151029
McAfee-GW-Edition BehavesLike.Win32.Dropper.bm 20151029
eScan Trojan.GenericKD.2832472 20151029
nProtect Trojan.GenericKD.2832472 20151029
Rising PE:Malware.Obscure/Heur!1.9E03 [F] 20151028
SUPERAntiSpyware Trojan.Agent/Gen-Crypto 20151028
Tencent Win32.Trojan.Inject.Auto 20151029
AegisLab 20151029
Yandex 20151028
AhnLab-V3 20151028
Alibaba 20151029
ALYac 20151101
Antiy-AVL 20151029
AVG 20151029
Avira (no cloud) 20151029
AVware 20151029
Baidu-International 20151028
Bkav 20151028
ByteHero 20151029
CAT-QuickHeal 20151029
ClamAV 20151029
CMC 20151029
Comodo 20151029
Cyren 20151029
DrWeb 20151029
F-Prot 20151029
Fortinet 20151029
Jiangmin 20151028
Malwarebytes 20151029
Microsoft 20151029
NANO-Antivirus 20151029
Panda 20151028
Qihoo-360 20151029
Sophos 20151029
Symantec 20151028
TheHacker 20151028
TrendMicro 20151029
TrendMicro-HouseCall 20151029
VBA32 20151028
VIPRE 20151029
ViRobot 20151029
Zillya 20151029
Zoner 20151029
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright ????(C) 2015
Product dibedit
Original name dibedit.exe
Internal name dibedit
File version 1, 0, 0, 1
Description dibedit
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-10-28 03:26:25
Entry Point 0x00021F08
Number of sections 6
PE sections
PE imports
RegCreateKeyExW
RegDeleteValueW
GetFileSecurityW
RegCloseKey
GetUserNameW
RegOpenKeyExW
RegEnumKeyW
SetFileSecurityW
RegSetValueW
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyA
RegCreateKeyW
RegQueryValueExW
RegQueryValueW
RegSetValueExW
ImageList_Read
ImageList_Write
ImageList_Destroy
ImageList_Merge
ImageList_Create
Ord(17)
Ord(14)
ImageList_LoadImageW
Ord(13)
GetTextMetricsW
SetMapMode
GetWindowOrgEx
GetNearestColor
CombineRgn
PlayMetaFile
GetROP2
GetViewportOrgEx
GetObjectType
SetColorAdjustment
EndDoc
DeleteObject
IntersectClipRect
OffsetWindowOrgEx
GetTextFaceW
CreatePalette
GetPolyFillMode
SetTextAlign
GetDCOrgEx
StretchDIBits
ScaleViewportExtEx
ArcTo
SetWindowExtEx
ExtCreatePen
SetBkColor
GetBkColor
SetRectRgn
TextOutW
CreateFontIndirectW
GetClipBox
GetCurrentPositionEx
CreateRectRgnIndirect
LPtoDP
GetPixel
PolyDraw
ExcludeClipRect
OffsetViewportOrgEx
SetBkMode
OffsetClipRgn
BitBlt
SetAbortProc
ScaleWindowExtEx
PtVisible
ExtSelectClipRgn
StartDocW
SelectPalette
SetROP2
EndPage
GetTextColor
Escape
SetViewportExtEx
PlayMetaFileRecord
GetWindowExtEx
PatBlt
CreatePen
EnumMetaFile
SetStretchBltMode
Rectangle
GetDeviceCaps
LineTo
DeleteDC
GetMapMode
GetCharWidthW
StartPage
GetObjectW
CreateDCW
RealizePalette
CreateHatchBrush
CreateDIBPatternBrushPt
ExtTextOutW
SelectClipPath
RectVisible
GetStockObject
UnrealizeObject
SelectClipRgn
GetTextAlign
GetTextExtentPoint32A
SetWindowOrgEx
GetClipRgn
GetViewportExtEx
SetTextCharacterExtra
GetTextExtentPoint32W
CreatePatternBrush
PolylineTo
CreateHalftonePalette
GetBkMode
SaveDC
RestoreDC
SetMapperFlags
CreateSolidBrush
CreateBitmap
SetTextColor
MoveToEx
SetViewportOrgEx
SetArcDirection
CreateCompatibleDC
PolyBezierTo
CreateFontW
CreateRectRgn
SelectObject
SetPolyFillMode
CopyMetaFileW
SetTextJustification
GetStretchBltMode
DPtoLP
AbortDoc
CreateCompatibleBitmap
GetStdHandle
FileTimeToSystemTime
SetEvent
HeapDestroy
IsBadCodePtr
GetFileAttributesW
lstrcmpW
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryA
GetLocaleInfoA
LocalAlloc
UnhandledExceptionFilter
SetErrorMode
FreeEnvironmentStringsW
lstrcatW
GetLocaleInfoW
SetStdHandle
GetFileTime
GetCPInfo
lstrcmpiA
GetStringTypeA
GetDiskFreeSpaceW
WriteFile
FormatMessageW
WaitForSingleObject
HeapReAlloc
GetStringTypeW
FreeLibrary
LocalFree
GetProfileIntW
ResumeThread
GetEnvironmentVariableA
LoadResource
GetStringTypeExW
FindClose
TlsGetValue
MoveFileW
SetFileAttributesW
GetCurrentThread
SetLastError
GetSystemTime
InitializeCriticalSection
CopyFileW
SuspendThread
GetModuleFileNameW
HeapAlloc
FlushFileBuffers
GetModuleFileNameA
GlobalHandle
LoadLibraryA
EnumSystemLocalesA
SetConsoleCtrlHandler
GetVolumeInformationW
InterlockedDecrement
MultiByteToWideChar
FatalAppExitA
GetPrivateProfileStringW
GetModuleHandleA
GetFullPathNameW
GlobalAddAtomW
CreateThread
SetUnhandledExceptionFilter
MulDiv
ExitThread
SetEnvironmentVariableA
TerminateProcess
VirtualQuery
LocalFileTimeToFileTime
CreateEventW
SetEndOfFile
GetVersion
InterlockedIncrement
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetLastError
GetOEMCP
IsBadWritePtr
TlsAlloc
VirtualProtect
GetVersionExA
lstrcmpiW
RtlUnwind
GlobalFindAtomW
GlobalSize
GetStartupInfoA
UnlockFile
GetFileSize
GlobalDeleteAtom
GetStartupInfoW
DeleteFileW
GetUserDefaultLCID
GetPrivateProfileIntW
GetTempFileNameW
CompareStringW
lstrcpyW
GlobalReAlloc
lstrcmpA
GetCurrentThreadId
CompareStringA
FindFirstFileW
IsValidLocale
DuplicateHandle
GetProcAddress
GlobalAlloc
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
ExitProcess
LeaveCriticalSection
GlobalGetAtomNameW
LocalReAlloc
SystemTimeToFileTime
LCMapStringW
GetShortPathNameW
lstrlenA
GlobalFree
LCMapStringA
GetThreadLocale
GetEnvironmentStringsW
GlobalUnlock
LockFile
lstrlenW
FileTimeToLocalFileTime
GetEnvironmentStrings
GetCurrentDirectoryW
LockResource
SetFileTime
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
WritePrivateProfileStringW
lstrcpynW
RaiseException
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
GetACP
GlobalLock
GetModuleHandleW
SizeofResource
IsValidCodePage
HeapCreate
FindResourceW
VirtualFree
Sleep
IsBadReadPtr
SetThreadPriority
GetProcessVersion
VirtualAlloc
SysStringByteLen
SafeArrayDestroyData
SysAllocString
SafeArrayCreate
SafeArrayAllocDescriptor
VariantCopy
SafeArrayGetElemsize
SafeArrayAllocData
SafeArrayDestroyDescriptor
SafeArrayAccessData
SafeArrayGetLBound
VarBstrFromDate
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayGetUBound
SysAllocStringByteLen
SafeArrayLock
VariantChangeType
SafeArrayGetElement
SafeArrayPtrOfIndex
VarBstrFromCy
VarCyFromStr
SafeArrayRedim
SafeArrayCopy
VariantClear
VarDateFromStr
SafeArrayGetDim
SafeArrayPutElement
DragAcceptFiles
DragQueryFileW
DragFinish
SHGetFileInfoW
ExtractIconW
RedrawWindow
GetMessagePos
SetMenuItemBitmaps
LoadBitmapW
MoveWindow
DestroyMenu
PostQuitMessage
GetForegroundWindow
SetWindowPos
GetNextDlgTabItem
IsWindow
GrayStringW
EndPaint
ScrollWindowEx
EndDialog
WindowFromPoint
GetMessageTime
SendMessageW
SetActiveWindow
GetDC
GetCursorPos
ReleaseDC
GetDlgCtrlID
DefFrameProcW
UnregisterClassW
GetClassInfoW
DefWindowProcW
DrawTextW
SetScrollPos
CallNextHookEx
IsClipboardFormatAvailable
CountClipboardFormats
GetTopWindow
OpenClipboard
GetWindowTextW
LockWindowUpdate
GetWindowTextLengthW
LoadAcceleratorsW
ScrollWindow
GetMenuItemID
DestroyWindow
GetParent
UpdateWindow
GetPropW
EqualRect
SetClassLongW
GetMenuState
GetMessageW
ShowWindow
SetPropW
SetDlgItemInt
PeekMessageW
TranslateMDISysAccel
GetTabbedTextExtentA
EnableWindow
SetWindowPlacement
CharUpperW
GetSystemMenu
GetMenuCheckMarkDimensions
TranslateMessage
IsWindowEnabled
GetWindow
GetDlgItemInt
SetClipboardData
SetParent
RegisterClassW
IsZoomed
IsWindowVisible
LoadStringW
DrawMenuBar
IsIconic
InvertRect
GetSubMenu
SetTimer
GetActiveWindow
IsDialogMessageW
FillRect
CopyRect
DeferWindowPos
GetDialogBaseUnits
CreateWindowExW
TabbedTextOutW
GetWindowLongW
PtInRect
IsChild
MapWindowPoints
RegisterWindowMessageW
BeginPaint
OffsetRect
DefMDIChildProcW
GetScrollPos
KillTimer
GetClipboardData
SendDlgItemMessageA
GetSystemMetrics
SetWindowLongW
SetScrollRange
GetWindowRect
InflateRect
SetCapture
ReleaseCapture
IntersectRect
ShowOwnedPopups
SendDlgItemMessageW
PostMessageW
CheckDlgButton
CheckMenuItem
GetLastActivePopup
SetWindowTextW
GetDCEx
GetDlgItem
RemovePropW
BringWindowToTop
GetWindowPlacement
ClientToScreen
TrackPopupMenu
CheckRadioButton
GetMenuItemCount
IsDlgButtonChecked
GetDesktopWindow
SetWindowsHookExW
LoadCursorW
LoadIconW
ReuseDDElParam
DispatchMessageW
InsertMenuW
SetForegroundWindow
SetFocus
GetMenuStringW
EmptyClipboard
CreateDialogIndirectParamW
GetScrollRange
GetScrollInfo
ModifyMenuW
FindWindowW
GetCapture
ScreenToClient
MessageBeep
LoadMenuW
RemoveMenu
wvsprintfW
GetSysColorBrush
BeginDeferWindowPos
MessageBoxW
GetMenu
SetMenu
SetRectEmpty
AppendMenuW
GetWindowDC
DestroyCursor
AdjustWindowRectEx
GetSysColor
SetDlgItemTextW
SetScrollInfo
GetKeyState
EndDeferWindowPos
DestroyIcon
ShowScrollBar
WinHelpW
UnpackDDElParam
SystemParametersInfoW
SetRect
DeleteMenu
InvalidateRect
CallWindowProcW
GetClassNameW
GetClientRect
EnableMenuItem
ValidateRect
IsRectEmpty
GetFocus
wsprintfW
CloseClipboard
GetDlgItemTextW
SetCursor
UnhookWindowsHookEx
TranslateAcceleratorW
ClosePrinter
DocumentPropertiesW
OpenPrinterW
GetFileTitleW
GetOpenFileNameW
GetSaveFileNameW
PrintDlgW
CommDlgExtendedError
PageSetupDlgW
ReadClassStg
CoUninitialize
CoInitialize
CoTaskMemAlloc
ReadFmtUserTypeStg
ReleaseStgMedium
StringFromCLSID
SetConvertStg
CoCreateInstance
WriteClassStg
CreateBindCtx
CoDisconnectObject
OleRegGetUserType
OleDuplicateData
CoTaskMemFree
CoTreatAsClass
WriteFmtUserTypeStg
CoGetClassObject
Number of PE resources by type
RT_DIALOG 26
RT_STRING 12
RT_BITMAP 6
RT_CURSOR 6
RT_GROUP_CURSOR 5
Struct(241) 2
RT_MENU 2
RT_ACCELERATOR 2
RT_VERSION 1
Number of PE resources by language
CHINESE SIMPLIFIED 33
ENGLISH US 25
GERMAN SWISS 2
GERMAN 1
GERMAN AUSTRIAN 1
PE resources
ExifTool file metadata
SubsystemVersion 4.0
InitializedDataSize 245760
ImageVersion 0.0
ProductName dibedit
FileVersionNumber 1.0.0.1
UninitializedDataSize 0
LanguageCode German (Austrian)
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 6.0
FileTypeExtension exe
OriginalFileName dibedit.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 1, 0, 0, 1
TimeStamp 2015:10:28 04:26:25+01:00
FileType Win32 EXE
PEType PE32
InternalName dibedit
ProductVersion 1, 0, 0, 1
FileDescription dibedit
OSVersion 4.0
FileOS Windows NT 32-bit
LegalCopyright (C) 2015
MachineType Intel 386 or later, and compatibles
CodeSize 528384
FileSubtype 0
ProductVersionNumber 1.0.0.1
EntryPoint 0x21f08
ObjectFileType Executable application
File identification
MD5 efc7210f7dbce441f74e3c9f07f28a2e
SHA1 2875c7bbd0fde444e900df2ed33d00dfb56a6cb8
SHA256 4d988335170d2922d6d68d2c6387617c6d53bb12983859436fbf31b65a541887
ssdeep 12288:Q0KSYyS3lt0fXe0AlLr47CoopNCLT7JH7vw2D5oE5HUv:QtyQG/OLrMCoo747JH7Yj
authentihash 6e3e23c745eb6bd48605b10731d5062d2aa2ba56bc844f622da6a10c905b589f
imphash 61cbe730056f618905d290837a16e2bb
File size 744.0 KB ( 761856 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID InstallShield setup (48.1%)
Win32 Executable MS Visual C++ (generic) (34.9%)
Win32 Dynamic Link Library (generic) (7.3%)
Win32 Executable (generic) (5.0%)
Generic Win/DOS Executable (2.2%)
Tags peexe
VirusTotal metadata
First submission 2015-10-28 14:37:29 UTC ( 1 year, 6 months ago )
Last submission 2015-11-17 09:26:02 UTC ( 1 year, 6 months ago )
File names M.exe
m.exe
135184701
efc7210f7dbce441f74e3c9f07f28a2e(1)
dibedit.exe
dibedit
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Code injections in the following processes
Opened mutexes
Runtime DLLs