× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 52ef30ff225f23d850201ac8a39a94bb916c44a3377d11b3273a1172ebbf778b
File name: beep.sys
Detection ratio: 22 / 41
Analysis date: 2009-07-24 12:11:10 UTC ( 7 years, 11 months ago ) View latest
Antivirus Result Update
a-squared Riskware.Winnt!IK 20090724
Authentium W32/SYStroj.H.gen!Eldorado 20090724
Avast Win32:Agent-QNI 20090724
BitDefender Generic.Malware.P!.A56331D8 20090724
CAT-QuickHeal Backdoor.UltimateDefender.xm 20090724
eTrust-Vet Win32/Eldycow!generic 20090724
F-Prot W32/SYStroj.H.gen!Eldorado 20090723
F-Secure Rootkit:W32/Xanti.gen!A 20090724
GData Generic.Malware.P!.A56331D8 20090724
Ikarus Virtool.Winnt 20090724
Jiangmin Rootkit.Agent.cll 20090724
Kaspersky Backdoor.Win32.UltimateDefender.xm 20090724
McAfee FakeAlert-C.dr 20090723
McAfee+Artemis FakeAlert-C.dr 20090723
McAfee-GW-Edition Heuristic.LooksLike.Heuristic.BehavesLike.Win32.Rootkit.H 20090724
Microsoft VirTool:WinNT/Xantvi.gen!A 20090724
NOD32 probably a variant of Win32/UltimateDefender.A 20090724
Panda Trj/CI.A 20090724
Rising Trojan.DL.Win32.Braviax.ac 20090724
Sophos Mal/FakeAle-C 20090724
Symantec Trojan.Virantix.C 20090724
VBA32 Backdoor.Win32.UltimateDefender.xm 20090724
AhnLab-V3 20090724
AntiVir 20090724
Antiy-AVL 20090724
AVG 20090724
ClamAV 20090724
Comodo 20090724
DrWeb 20090724
eSafe 20090723
Fortinet 20090724
K7AntiVirus 20090723
Norman 20090722
nProtect 20090724
PCTools 20090723
Prevx 20090724
Sunbelt 20090723
TheHacker 20090724
TrendMicro 20090724
ViRobot 20090724
VirusBuster 20090723
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-07-23 15:55:57
Entry Point 0x00001F52
Number of sections 2
PE sections
PE imports
KfRaiseIrql
HalMakeBeep
ExReleaseFastMutex
ExAcquireFastMutex
KfLowerIrql
ZwDeleteValueKey
RtlInitUnicodeString
ZwTerminateProcess
ExReleaseResourceLite
ZwQuerySystemInformation
KeInitializeEvent
ZwCreateKey
PsSetLoadImageNotifyRoutine
ZwOpenProcess
ZwWriteFile
MmCreateMdl
MmLockPagableDataSection
IoCreateDevice
RtlUnicodeStringToAnsiString
IoDeleteDevice
IoReleaseCancelSpinLock
MmPageEntireDriver
IoStartPacket
KeCancelTimer
ExAllocatePoolWithTag
KeServiceDescriptorTable
MmBuildMdlForNonPagedPool
IofCompleteRequest
tolower
KeSetTimer
KeInitializeTimer
RtlFreeAnsiString
ExAcquireResourceExclusiveLite
ExFreePoolWithTag
KeInitializeDpc
IoAcquireCancelSpinLock
MmMapLockedPages
KeRemoveEntryDeviceQueue
RtlInitAnsiString
ZwCreateFile
MmUnlockPagableImageSection
ZwSetValueKey
KeRemoveDeviceQueue
ZwClose
IoStartNextPacket
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2009:07:23 16:55:57+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
8192

LinkerVersion
8.0

FileAccessDate
2014:04:27 01:00:01+01:00

EntryPoint
0x1f52

InitializedDataSize
20480

SubsystemVersion
4.0

ImageVersion
4.0

OSVersion
4.0

FileCreateDate
2014:04:27 01:00:01+01:00

UninitializedDataSize
0

File identification
MD5 b040b5812b6668a232b18d397f721741
SHA1 fc43b56b25cf0b83acdff11edb8835b495ac2f0e
SHA256 52ef30ff225f23d850201ac8a39a94bb916c44a3377d11b3273a1172ebbf778b
ssdeep
384:go2QC3w/4rSYrPIVkRSo41N0p+s25oHwjHqEaCgSwJzDnA7azp6g9sEQQvs5m6T:goJSwASFo41Nu+vKzQgSQD6u6MsEj7

imphash 5f73fcb443007c1a96d676ec62df1f75
File size 32.0 KB ( 32768 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe

VirusTotal metadata
First submission 2009-07-24 08:00:18 UTC ( 7 years, 11 months ago )
Last submission 2014-04-26 23:59:10 UTC ( 3 years, 1 month ago )
File names VirusShare_b040b5812b6668a232b18d397f721741
aa
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!