SHA256: 4dcefcc8111fc742fef902c505423e3901718a181c9e31aea54edfce4279b8fa
File name: [21452]tb.exe.#
Detection ratio: 4 / 42
Analysis date: 2011-06-05 11:07:29 UTC ( 7 years, 4 months ago )
Antivirus Result Update
BitDefender Gen:Variant.Kazy.25619 20110605
F-Secure Gen:Variant.Kazy.25619 20110605
GData Gen:Variant.Kazy.25619 20110605
nProtect Gen:Variant.Kazy.25619 20110605
AhnLab-V3 20110603
AntiVir 20110605
Antiy-AVL 20110605
Avast 20110605
Avast5 20110605
AVG 20110605
CAT-QuickHeal 20110605
ClamAV 20110605
Commtouch 20110604
Comodo 20110605
DrWeb 20110605
Emsisoft 20110605
eSafe 20110602
eTrust-Vet 20110603
F-Prot 20110604
Fortinet 20110604
Ikarus 20110605
Jiangmin 20110601
K7AntiVirus 20110604
Kaspersky 20110605
McAfee 20110605
McAfee-GW-Edition 20110605
Microsoft 20110605
NOD32 20110605
Norman 20110604
Panda 20110604
PCTools 20110603
Prevx 20110605
Rising 20110603
Sophos AV 20110605
SUPERAntiSpyware 20110605
TheHacker 20110604
TrendMicro 20110605
TrendMicro-HouseCall 20110605
VBA32 20110603
VIPRE 20110605
ViRobot 20110604
VirusBuster 20110604
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Number of sections 4
PE sections
PE imports
SetStretchBltMode
StretchBlt
DeleteDC
CreateCompatibleBitmap
DeleteObject
SelectObject
CreateCompatibleDC
CreateDIBSection
GetDIBits
CreateDCW
BitBlt
SetBkColor
CreateBitmap
CreateSolidBrush
GetFontData
SetBrushOrgEx
GetObjectW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetStartupInfoA
ExitProcess
GetTickCount
CreateEventW
QueryPerformanceCounter
GlobalMemoryStatus
GetDiskFreeSpaceExW
GetLongPathNameA
Process32First
Process32Next
OpenProcess
OpenThread
SuspendThread
ResumeThread
lstrcpyA
CreateToolhelp32Snapshot
Thread32First
Thread32Next
LCMapStringW
GetModuleFileNameW
CreateDirectoryW
SetFileAttributesW
CreateDirectoryA
SetFileAttributesA
OutputDebugStringW
OutputDebugStringA
GetModuleFileNameA
SetCurrentDirectoryA
GetCommandLineA
GetModuleHandleA
GetConsoleOutputCP
GetPriorityClass
ResetEvent
SetEvent
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
TerminateThread
CloseHandle
CreateThread
SetThreadPriority
Sleep
GetCurrentProcess
SetPriorityClass
SetErrorMode
GetCurrentThreadId
lstrlenA
lstrcmpiA
DeleteCriticalSection
InitializeCriticalSection
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
PathIsDirectoryW
PathFileExistsA
PathAddBackslashW
PathFileExistsW
PathRemoveFileSpecW
PathRemoveFileSpecA
DestroyWindow
FindWindowW
SendMessageA
PostMessageA
EnableWindow
PeekMessageA
GetDesktopWindow
RegisterClassA
GetWindowTextA
GetWindowThreadProcessId
IsIconic
GetMessageA
EnumThreadWindows
wvsprintfW
DispatchMessageA
TranslateMessage
LoadIconA
LoadCursorA
RegisterClassExA
FindWindowA
CreateWindowExA
ShowWindow
UpdateWindow
BeginPaint
EndPaint
PostQuitMessage
DefWindowProcA
UnregisterClassA
IsWindowVisible
File identification
MD5 7ee4ac2a7f4cb463f8932ebee20ed537
SHA1 2e27326e1f00f1bcf1f4e0292a74551ca43bd916
SHA256 4dcefcc8111fc742fef902c505423e3901718a181c9e31aea54edfce4279b8fa
ssdeep
12288:rzFosPfAdWEBbU+W8vfRp0ZiQhZpJkG7ngT:rzOGAdHbC8MXnpJkG

File size 449.0 KB ( 459776 bytes )
File type Win32 EXE
Magic literal

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2011-06-05 11:07:29 UTC ( 7 years, 4 months ago )
Last submission 2011-06-05 11:07:29 UTC ( 7 years, 4 months ago )
File names [21452]tb.exe.#