SHA256: 54fe830483c7dfd67dda1f380a7b14a424f9bdce2761ce18504cb154698b6e83
File name: ba10b54c547e58d64d9cbbcdffe4fe6893e0bc69
Detection ratio: 37 / 68
Analysis date: 2017-12-19 07:27:26 UTC (6 months ago)
Antivirus Result Update
Ad-Aware Gen:Variant.Razy.227149 20171219
AegisLab Uds.Dangerousobject.Multi!c 20171219
AhnLab-V3 Trojan/Win32.Emotet.R215820 20171219
ALYac Gen:Variant.Razy.227149 20171219
Arcabit Trojan.Razy.D3774D 20171219
Avast Win32:Malware-gen 20171219
AVG Win32:Malware-gen 20171219
Avira (no cloud) TR/Crypt.ZPACK.lbxpd 20171218
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20171219
BitDefender Gen:Variant.Razy.227149 20171219
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20171016
Cybereason malicious.c547e5 20171103
Cylance Unsafe 20171219
Emsisoft Gen:Variant.Razy.227149 (B) 20171219
Endgame malicious (high confidence) 20171130
ESET-NOD32 a variant of Win32/Kryptik.GARX 20171219
F-Secure Gen:Variant.Razy.227149 20171219
Fortinet W32/Kryptik.FZTF!tr 20171219
GData Win32.Trojan-Spy.Emotet.HW 20171219
Ikarus Trojan.Win32.Krypt 20171218
Sophos ML heuristic 20170914
K7AntiVirus Trojan ( 00520db61 ) 20171219
K7GW Trojan ( 00520db61 ) 20171219
Kaspersky Trojan.Win32.Dovs.eai 20171219
Malwarebytes Trojan.Downloader 20171219
MAX malware (ai score=100) 20171219
McAfee GenericR-LEG!A9E624BC687A 20171219
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.ch 20171219
eScan Gen:Variant.Razy.227149 20171219
Palo Alto Networks (Known Signatures) generic.ml 20171219
Panda Trj/Genetic.gen 20171218
Qihoo-360 HEUR/QVM20.1.EB3C.Malware.Gen 20171219
SentinelOne (Static ML) static engine - malicious 20171207
Sophos AV Mal/EncPk-ANR 20171219
TrendMicro-HouseCall TROJ_GEN.R002H0CLI17 20171219
Webroot W32.Trojan.Emotet 20171219
ZoneAlarm by Check Point Trojan.Win32.Dovs.eai 20171219
Alibaba 20171219
Antiy-AVL 20171219
Avast-Mobile 20171218
AVware 20171219
Bkav 20171218
CAT-QuickHeal 20171219
ClamAV 20171219
CMC 20171218
Comodo 20171218
Cyren 20171219
DrWeb 20171219
eGambit 20171219
F-Prot 20171219
Jiangmin 20171218
Kingsoft 20171219
Microsoft 20171219
NANO-Antivirus 20171219
nProtect 20171219
Rising 20171219
SUPERAntiSpyware 20171219
Symantec 20171219
Symantec Mobile Insight 20171219
Tencent 20171219
TheHacker 20171210
TotalDefense 20171219
TrendMicro 20171219
Trustlook 20171219
VBA32 20171218
VIPRE 20171219
ViRobot 20171219
WhiteArmor 20171204
Yandex 20171216
Zillya 20171218
Zoner 20171219
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright© Bucanier Rom Comp 1999-2010
Product Custom Sata Collectors Doorin
Original name pircdse
Internal name pircds
File version 2.0.7
Description Custom Sata Collect Doors
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-12-18 01:01:59
Entry Point 0x00001930
Number of sections 7
PE sections
PE imports
GetCharWidthA
DeleteObject
SetTextColor
CreateRectRgn
GetLastError
IsWow64Process
CreateThread
WaitForSingleObject
lstrlenA
lstrcatA
lstrcpyA
CreateFileW
WriteFile
Sleep
CloseHandle
GetUserDefaultLCID
FindNextChangeNotification
SetupGetTargetPathW
SetupGetSourceFileLocationW
GetCursorPos
GetWindowRgn
IsClipboardFormatAvailable
GetCaretBlinkTime
GetIconInfo
LoadIconA
SetClipboardData
LoadMenuA
EnumWindows
DialogBoxParamA
FindWindowA
timeGetSystemTime
Number of PE resources by type
RT_DIALOG 14
RT_GROUP_ICON 2
RT_VERSION 1
Number of PE resources by language
ITALIAN 17
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 12.14
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 2.1.0.17
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Windows, Latin1
InitializedDataSize 114688
EntryPoint 0x1930
OriginalFileName pircdse
MIMEType application/octet-stream
LegalCopyright Copyright Bucanier Rom Comp 1999-2010
FileVersion 2.0.7
TimeStamp 2017:12:18 02:01:59+01:00
FileType Win32 EXE
PEType PE32
InternalName pircds
ProductVersion 4.30.6
FileDescription Custom Sata Collect Doors
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Bucanier Rom
CodeSize 0
ProductName Custom Sata Collectors Doorin
ProductVersionNumber 2.1.0.17
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 a9e624bc687a278f0751a94fd85ccd82
SHA1 ba10b54c547e58d64d9cbbcdffe4fe6893e0bc69
SHA256 54fe830483c7dfd67dda1f380a7b14a424f9bdce2761ce18504cb154698b6e83
ssdeep 1536:7jFLTPQoPsT2hPD5TLE1GxVL8Z1SZvkQHNoKeTBUNbLXqYSkgMwD25GKI:lL7jPJ5TLEiVwI/oPNUNbLXynT
authentihash 27470cdfe6cf6c14ff11ccb72d8aabf13f40fa409e2ae32b3a608570404d723b
imphash 14aa9fe350666cf918343be1c9b2c338
File size 124.0 KB ( 126976 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags peexe
VirusTotal metadata
First submission 2017-12-18 02:52:06 UTC ( 6 months ago )
Last submission 2017-12-18 02:52:06 UTC ( 6 months ago )
File names pircds
ba10b54c547e58d64d9cbbcdffe4fe6893e0bc69
pircdse
Advanced heuristic and reputation engines
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Searched windows
UDP communications