SHA256: 51bc32788b49aca2384cd07dce9f8ac63f07f52c27cf33c938e01c64c374eee4
File name: floap.exe
Detection ratio: 11 / 66
Analysis date: 2018-10-30 11:56:00 UTC ( 4 months, 3 weeks ago )
Antivirus Result Update
Avast FileRepMalware 20181030
AVG FileRepMalware 20181030
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.1989e9 20180225
Cylance Unsafe 20181030
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/GenKryptik.CPML 20181030
Fortinet W32/Kryptik.GKDU!tr.ransom 20181030
Sophos ML heuristic 20180717
Palo Alto Networks (Known Signatures) generic.ml 20181030
Webroot W32.Trojan.Gen 20181030
Ad-Aware 20181030
AegisLab 20181030
AhnLab-V3 20181030
Alibaba 20180921
ALYac 20181030
Antiy-AVL 20181030
Arcabit 20181030
Avast-Mobile 20181030
Avira (no cloud) 20181030
Babable 20180918
Baidu 20181030
BitDefender 20181030
Bkav 20181030
CAT-QuickHeal 20181028
ClamAV 20181030
CMC 20181030
Cyren 20181030
DrWeb 20181030
eGambit 20181030
Emsisoft 20181030
F-Prot 20181030
F-Secure 20181030
GData 20181030
Ikarus 20181030
Jiangmin 20181030
K7AntiVirus 20181030
K7GW 20181030
Kaspersky 20181030
Kingsoft 20181030
Malwarebytes 20181030
MAX 20181030
McAfee 20181030
McAfee-GW-Edition 20181030
Microsoft 20181030
eScan 20181030
NANO-Antivirus 20181030
Panda 20181029
Qihoo-360 20181030
Rising 20181030
SentinelOne (Static ML) 20181011
Sophos AV 20181030
SUPERAntiSpyware 20181029
Symantec 20181029
Symantec Mobile Insight 20181026
TACHYON 20181030
Tencent 20181030
TheHacker 20181025
TrendMicro 20181030
TrendMicro-HouseCall 20181030
Trustlook 20181030
VBA32 20181030
ViRobot 20181030
Yandex 20181026
Zillya 20181029
ZoneAlarm by Check Point 20181030
Zoner 20181030
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright ©McAfee, Inc.. 1999 - 2014
Product Trivial County
File version 5.6.6.4
Description Copya Migrate Plitics Variety Confliction
Comments Copya Migrate Plitics Variety Confliction
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-10-30 04:06:32
Entry Point 0x00019530
Number of sections 4
PE sections
PE imports
RegDeleteKeyA
RegCreateKeyExW
RevertToSelf
RegCloseKey
GetUserNameW
RegOpenKeyExW
OpenThreadToken
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
SetThreadToken
RegEnumKeyExA
RegQueryInfoKeyA
RegQueryValueExW
ImageList_ReplaceIcon
ImageList_Create
Ord(17)
InitCommonControlsEx
DeleteDC
SetBkMode
GetTextExtentPoint32A
BitBlt
GetPixel
SetTextColor
GetStdHandle
GetConsoleOutputCP
HeapDestroy
DebugBreak
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
SetStdHandle
WideCharToMultiByte
lstrcmpiA
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetEvent
LocalFree
InitializeCriticalSection
OutputDebugStringW
InterlockedDecrement
OutputDebugStringA
SetLastError
LoadResource
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
LoadLibraryExA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
FlushInstructionCache
GetModuleHandleA
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
TerminateProcess
WriteConsoleA
VirtualQuery
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
SetTapeParameters
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
FreeLibrary
GetStartupInfoA
GetProcAddress
GetProcessHeap
HeapValidate
CreateFileMappingA
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetLastError
LCMapStringW
UnmapViewOfFile
GetSystemInfo
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
IsDBCSLeadByte
GlobalAlloc
lstrlenW
GetEnvironmentStrings
GetCurrentProcessId
GetCPInfo
HeapSize
GetCommandLineA
InterlockedCompareExchange
GetCurrentThread
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
FindResourceA
SizeofResource
IsValidCodePage
HeapCreate
VirtualFree
Sleep
IsBadReadPtr
OpenEventA
VirtualAlloc
VarUI4FromStr
SafeArrayAccessData
SafeArrayUnaccessData
VariantClear
VariantInit
SafeArrayCreateVector
OleLoadPicture
linePrepareAddToConferenceA
SetFocus
RedrawWindow
GetForegroundWindow
GetParent
EndDialog
LoadMenuA
DrawStateA
CharNextA
DestroyMenu
DefWindowProcA
EnumDesktopsA
DrawFrameControl
GetNextDlgGroupItem
SetWindowPos
GetSystemMetrics
IsWindow
GetWindowRect
InflateRect
FrameRect
UnregisterClassA
LoadImageA
MapWindowPoints
MessageBoxA
PeekMessageA
SetWindowLongA
GetWindowLongA
DialogBoxParamA
GetWindow
GetSysColor
CopyImage
GetCursorPos
GetDlgCtrlID
SetWindowTextA
DestroyIcon
DrawFocusRect
SendMessageA
GetClientRect
GetDlgItem
SetMenuDefaultItem
MonitorFromWindow
ClientToScreen
InsertMenuA
GetSubMenu
LoadIconA
TrackPopupMenu
FillRect
MonitorFromPoint
CopyRect
GetSysColorBrush
CallWindowProcA
IsMenu
GetActiveWindow
GetWindowTextA
GetMonitorInfoA
InsertMenuItemA
DestroyWindow
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
WTSEnumerateSessionsA
WTSQuerySessionInformationA
WTSFreeMemory
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
PE exports
Number of PE resources by type
RT_BITMAP 12
RT_CURSOR 10
RT_ICON 6
RT_GROUP_CURSOR 3
BIN 1
RT_MANIFEST 1
WEVT_TEMPLATE 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 36
PE resources
Debug information
ExifTool file metadata
CodeSize 264704
SubsystemVersion 5.0
Comments Copya Migrate Plitics Variety Confliction
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 5.6.6.4
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Copya Migrate Plitics Variety Confliction
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 1092096
EntryPoint 0x19530
MIMEType application/octet-stream
LegalCopyright Copyright McAfee, Inc.. 1999 - 2014
FileVersion 5.6.6.4
TimeStamp 2018:10:29 21:06:32-07:00
FileType Win32 EXE
PEType PE32
ProductVersion 5.6.6.4
UninitializedDataSize 0
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName McAfee, Inc.
LegalTrademarks Copyright McAfee, Inc.. 1999 - 2014
ProductName Trivial County
ProductVersionNumber 5.6.6.4
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 73bbfdb1989e95d1206a90fdb330a5fe
SHA1 31b7ce2d834625f08fa5a336e5915e6668adfaa3
SHA256 51bc32788b49aca2384cd07dce9f8ac63f07f52c27cf33c938e01c64c374eee4
ssdeep 24576:M8RCFEr8W1tVIFy8aCbC8zl0LYJJyQ6+vYnbaFtMfvmdj:MwCF6Eu8zmMJyQzv9TMfut
authentihash eebdf2d7923a47a086355ac8dd1ddc2eeaf1e505c7706b95dd50e196805a4f1e
imphash 27bdd50fab8bb3c50214b2d0ac39d1c4
File size 1.3 MB ( 1357824 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags peexe
VirusTotal metadata
First submission 2018-10-30 08:21:58 UTC ( 4 months, 3 weeks ago )
Last submission 2018-10-30 23:11:18 UTC ( 4 months, 3 weeks ago )
File names floap.exe
worldtime.exe
accotenc.exe
Advanced heuristic and reputation engines
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Runtime DLLs