× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5151f73d999f275cb68cf4c2dc73bcedb984b54e946f6718134f3c7ac5661b50
File name: 26cc2ebbffd1d21fec0811a6d4355abc
Detection ratio: 16 / 54
Analysis date: 2014-07-01 04:21:18 UTC ( 2 years, 12 months ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Zbot 20140630
AntiVir TR/Injector.840704.1 20140701
Avast Win32:VB-AILK [Trj] 20140701
ByteHero Virus.Win32.Heur.p 20140701
CMC Heur.Win32.Veebee.1!O 20140630
ESET-NOD32 a variant of Win32/Injector.BGHG 20140701
Fortinet W32/VB.ALO!tr 20140701
Kaspersky HEUR:Trojan.Win32.Generic 20140701
Malwarebytes Trojan.Zbot 20140701
McAfee RDN/Generic.dx!ddn 20140701
McAfee-GW-Edition Artemis!26CC2EBBFFD1 20140701
Qihoo-360 Malware.QVM03.Gen 20140701
Sophos Mal/Generic-S 20140701
Tencent Win32.Trojan.Generic.Hssy 20140701
TrendMicro-HouseCall TROJ_GEN.R011H07FU14 20140701
VIPRE Trojan.Win32.Generic.pak!cobra 20140701
Ad-Aware 20140701
AegisLab 20140701
Yandex 20140630
Antiy-AVL 20140630
AVG 20140701
Baidu-International 20140630
BitDefender 20140701
Bkav 20140630
CAT-QuickHeal 20140701
ClamAV 20140630
Commtouch 20140701
Comodo 20140701
DrWeb 20140701
Emsisoft 20140701
F-Prot 20140629
F-Secure 20140701
GData 20140701
Ikarus 20140701
Jiangmin 20140630
K7AntiVirus 20140630
K7GW 20140630
Kingsoft 20140701
Microsoft 20140701
eScan 20140701
NANO-Antivirus 20140701
Norman 20140630
nProtect 20140630
Panda 20140630
Rising 20140630
SUPERAntiSpyware 20140701
Symantec 20140701
TheHacker 20140630
TotalDefense 20140630
TrendMicro 20140701
VBA32 20140630
ViRobot 20140701
Zillya 20140630
Zoner 20140630
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Publisher Native Instruments
Product Stanner arbitre
Original name Beat.exe
Internal name Beat
File version 3.08.0007
Description Ripecks pierre
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-06-23 09:25:25
Entry Point 0x00001424
Number of sections 3
PE sections
PE imports
_adj_fdiv_m32
__vbaChkstk
_adj_fpatan
__vbaEnd
EVENT_SINK_QueryInterface
__vbaInStrB
_allmul
Ord(579)
__vbaR8Cy
__vbaAryUnlock
_adj_fprem
__vbaRedimPreserve
__vbaAryMove
Ord(512)
Ord(586)
EVENT_SINK_AddRef
__vbaDateVar
__vbaInStr
_adj_fdiv_m32i
Ord(717)
Ord(673)
__vbaSetSystemError
__vbaFreeVarList
__vbaGosubFree
DllFunctionCall
__vbaFPException
__vbaFpCSngR4
_adj_fdivr_m16i
__vbaVar2Vec
EVENT_SINK_Release
Ord(589)
Ord(100)
__vbaAryLock
_adj_fdivr_m64
__vbaFreeVar
_adj_fdiv_r
_CItan
_adj_fdiv_m64
__vbaFreeObj
__vbaHresultCheckObj
_CIsqrt
_CIsin
_CIlog
__vbaI2Cy
__vbaStrVarVal
_CIcos
Ord(713)
Ord(587)
_adj_fptan
__vbaGosub
__vbaVarDup
__vbaStrCopy
__vbaFpCy
__vbaVarMove
__vbaErrorOverflow
_CIatan
Ord(608)
__vbaNew2
__vbaVarCat
__vbaOnError
_adj_fdivr_m32i
__vbaAryDestruct
_CIexp
__vbaStrMove
Ord(540)
_adj_fprem1
_adj_fdivr_m32
__vbaStrCat
Ord(537)
__vbaFreeStrList
Ord(609)
Ord(598)
__vbaFreeStr
_adj_fdiv_m16i
__vbaExceptHandler
Number of PE resources by type
RT_ICON 5
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 6
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
3.8

FileSubtype
0

FileVersionNumber
3.8.0.7

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

CharacterSet
Unicode

InitializedDataSize
131072

FileOS
Win32

MIMEType
application/octet-stream

FileVersion
3.08.0007

TimeStamp
2014:06:23 10:25:25+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Beat

FileAccessDate
2014:07:01 05:31:59+01:00

ProductVersion
3.08.0007

FileDescription
Ripecks pierre

OSVersion
4.0

FileCreateDate
2014:07:01 05:31:59+01:00

OriginalFilename
Beat.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Native Instruments

CodeSize
729088

ProductName
Stanner arbitre

ProductVersionNumber
3.8.0.7

EntryPoint
0x1424

ObjectFileType
Executable application

File identification
MD5 26cc2ebbffd1d21fec0811a6d4355abc
SHA1 0133d3d459237213d58f0519cb23ea546ae4597f
SHA256 5151f73d999f275cb68cf4c2dc73bcedb984b54e946f6718134f3c7ac5661b50
ssdeep
12288:zW9X2sAnCyz9uTzHSxfW0WS7ABVTUKRAruroJFtkOeFaQGuCY3uI36nAvo74:SgzuaCv1

imphash e76374b27a94bca977a1a43f8edf77df
File size 821.0 KB ( 840704 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Microsoft Visual Basic 6 (90.5%)
Win32 Executable (generic) (4.9%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe

VirusTotal metadata
First submission 2014-07-01 04:21:18 UTC ( 2 years, 12 months ago )
Last submission 2014-07-01 04:21:18 UTC ( 2 years, 12 months ago )
File names Beat
26cc2ebbffd1d21fec0811a6d4355abc
Beat.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!