SHA256: 56153785238c33023e58e0e7bb9cb0a5320cca6a9a24503b3c2d87e7c68d243e
File name: lea.exe
Detection ratio: 3 / 49
Analysis date: 2014-01-21 03:26:30 UTC ( 2 months, 3 weeks ago )
Antivirus Result Update
AVG Luhe.Fiha.A 20140121
Ikarus Trojan-Banker.Win32.Banker 20140121
Kaspersky HEUR:Trojan.Win32.Generic 20140121
Ad-Aware 20140121
Agnitum 20140120
AhnLab-V3 20140120
AntiVir 20140121
Antiy-AVL 20140120
Avast 20140121
Baidu-International 20131213
BitDefender 20140121
Bkav 20140120
ByteHero 20140114
CAT-QuickHeal 20140120
CMC 20140115
ClamAV 20140121
Commtouch 20140120
Comodo 20140121
DrWeb 20140121
ESET-NOD32 20140121
Emsisoft 20140121
F-Prot 20140121
F-Secure 20140121
Fortinet 20140121
GData 20140121
Jiangmin 20140120
K7AntiVirus 20140120
K7GW 20140120
Kingsoft 20130829
Malwarebytes 20140121
McAfee 20140121
McAfee-GW-Edition 20140120
MicroWorld-eScan 20140121
Microsoft 20140121
NANO-Antivirus 20140121
Norman 20140120
Panda 20140120
Rising 20140121
SUPERAntiSpyware 20140120
Sophos 20140121
Symantec 20140121
TheHacker 20140120
TotalDefense 20140120
TrendMicro 20140121
TrendMicro-HouseCall 20140121
VBA32 20140120
VIPRE 20140121
ViRobot 20140120
nProtect 20140120
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Publisher Proc.Jeta Corp.
File version 4.0.0.0
Description Soft Adsense
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-01-20 16:29:43
Entry Point 0x00205D2C
Number of sections 10
PE sections
PE imports
SHGetFolderPathW
URLDownloadToFileW
RegCreateKeyExW
RegFlushKey
RegConnectRegistryW
RegCloseKey
RegRestoreKeyW
RegDeleteKeyW
RegSetValueExW
RegDeleteValueW
RegQueryInfoKeyW
RegQueryValueExA
RegEnumValueW
RegOpenKeyExW
RegEnumKeyExW
RegSaveKeyW
RegReplaceKeyW
RegLoadKeyW
RegUnLoadKeyW
RegOpenKeyExA
RegQueryValueExW
ImageList_BeginDrag
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_GetImageInfo
FlatSB_SetScrollInfo
ImageList_SetImageCount
FlatSB_GetScrollInfo
ImageList_GetDragImage
FlatSB_SetScrollProp
ImageList_Create
ImageList_DragMove
ImageList_DrawEx
ImageList_SetIconSize
ImageList_Write
ImageList_Read
ImageList_Replace
ImageList_SetOverlayImage
ImageList_Destroy
_TrackMouseEvent
ImageList_Draw
ImageList_GetIconSize
ImageList_DragLeave
ImageList_GetBkColor
ImageList_GetIcon
FlatSB_SetScrollPos
ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_Add
InitializeFlatSB
FlatSB_GetScrollPos
ImageList_DragShowNolock
ImageList_Remove
ImageList_Copy
ImageList_LoadImageW
ImageList_EndDrag
SetDIBits
GetTextMetricsW
GetWindowOrgEx
GetPaletteEntries
CopyEnhMetaFileW
SetPixel
EndDoc
IntersectClipRect
AngleArc
GetTextExtentPointW
CreatePalette
CreateDIBitmap
GetDIBits
GetEnhMetaFileBits
StretchBlt
StretchDIBits
ArcTo
Pie
Arc
SetBkColor
SetWinMetaFileBits
GetDIBColorTable
DeleteEnhMetaFile
CreateFontIndirectW
SetStretchBltMode
EnumFontsW
GetCurrentPositionEx
GetPixel
GetBrushOrgEx
ExcludeClipRect
SetBkMode
BitBlt
SetAbortProc
FrameRgn
CreateBrushIndirect
SelectPalette
SetROP2
EndPage
AbortDoc
SetDIBColorTable
DeleteObject
CreatePenIndirect
PatBlt
GetClipBox
Rectangle
GetDeviceCaps
LineTo
DeleteDC
GetSystemPaletteEntries
StartPage
GetObjectW
CreateDCW
RealizePalette
SetEnhMetaFileBits
CreateBitmap
RectVisible
GetStockObject
PlayEnhMetaFile
UnrealizeObject
GdiFlush
RoundRect
GetWinMetaFileBits
GetEnhMetaFileDescriptionW
GetEnhMetaFileHeader
SetWindowOrgEx
GetTextExtentPoint32W
Polygon
CreateHalftonePalette
GetRgnBox
SaveDC
CreateICW
MaskBlt
GetEnhMetaFilePaletteEntries
RestoreDC
GetBitmapBits
CreateDIBSection
SetTextColor
ExtFloodFill
MoveToEx
EnumFontFamiliesExW
SetViewportOrgEx
ExtTextOutW
CreateCompatibleDC
PolyBezierTo
PolyBezier
Chord
SetBrushOrgEx
CreateRectRgn
SelectObject
Ellipse
CreateSolidBrush
Polyline
StartDocW
CreateCompatibleBitmap
SetThreadLocale
GetStdHandle
GetDriveTypeW
GetConsoleOutputCP
ReleaseMutex
WaitForSingleObject
GetFileAttributesW
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
OpenFileMappingW
LocalAlloc
GetVolumeInformationW
SetErrorMode
GetLocaleInfoW
IsDBCSLeadByteEx
WideCharToMultiByte
GetDiskFreeSpaceW
InterlockedExchange
WriteFile
GetThreadPriority
SetEvent
LocalFree
FormatMessageW
ResumeThread
EnumCalendarInfoW
InitializeCriticalSection
LoadResource
GetLogicalDriveStringsW
FindClose
TlsGetValue
QueryDosDeviceW
SetFileAttributesW
GetEnvironmentVariableW
SetLastError
GetUserDefaultUILanguage
InterlockedDecrement
GlobalFindAtomW
SuspendThread
GetModuleFileNameW
TryEnterCriticalSection
IsDebuggerPresent
ExitProcess
InterlockedExchangeAdd
SetThreadPriority
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
FatalAppExitA
CreateMutexA
GetModuleHandleA
GetFullPathNameW
GlobalAddAtomW
CreateThread
GetSystemDefaultUILanguage
GetExitCodeThread
MulDiv
ExitThread
WaitForMultipleObjectsEx
GetVersion
VirtualQuery
SearchPathA
VirtualQueryEx
CreateEventW
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
EnterCriticalSection
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
EnumSystemLocalesW
LoadLibraryA
RtlUnwind
CopyFileW
GetFileSize
GetDateFormatW
GetStartupInfoW
GetCPInfo
DeleteFileW
GetProcAddress
GetComputerNameW
EnumResourceNamesW
CompareStringW
RemoveDirectoryW
FindFirstFileA
ResetEvent
FindFirstFileW
IsValidLocale
GlobalLock
CreateFileMappingW
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
LeaveCriticalSection
GetLastError
GlobalDeleteAtom
GetSystemInfo
GlobalFree
GetConsoleCP
FindResourceW
GetThreadLocale
GlobalUnlock
IsDBCSLeadByte
GlobalAlloc
lstrlenW
WinExec
SwitchToThread
SizeofResource
GetCurrentProcessId
LockResource
GetCommandLineW
GetCurrentDirectoryA
InterlockedCompareExchange
GetCurrentThread
lstrcpynW
RaiseException
MapViewOfFile
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
FreeResource
GetCPInfoExW
UnmapViewOfFile
GetTempPathW
VirtualFree
Sleep
VirtualAlloc
CompareStringA
AlphaBlend
GradientFill
OleUninitialize
CoUninitialize
CoInitialize
OleInitialize
CoCreateInstance
IsEqualGUID
CoTaskMemFree
CoTaskMemAlloc
VariantChangeType
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayPtrOfIndex
SysAllocStringLen
SafeArrayUnaccessData
VariantCopyInd
VariantClear
SafeArrayCreate
SysReAllocStringLen
SafeArrayGetUBound
VariantCopy
GetErrorInfo
SysFreeString
SafeArrayPutElement
VariantInit
Shell_NotifyIconW
MapWindowPoints
GetMessagePos
SetWindowRgn
RedrawWindow
LoadBitmapW
EnableScrollBar
DestroyMenu
PostQuitMessage
GetForegroundWindow
SetWindowPos
IsWindow
DispatchMessageA
EndPaint
WindowFromPoint
DrawIcon
CharUpperBuffW
SetMenuItemInfoW
SetActiveWindow
GetMenuItemID
GetCursorPos
ReleaseDC
GetMenuStringW
SendMessageW
EndMenu
SendMessageA
UnregisterClassW
GetClientRect
GetMenuItemInfoW
DefMDIChildProcW
DrawTextW
SetScrollPos
CallNextHookEx
GetSysColor
GetKeyboardState
ClientToScreen
GetTopWindow
GetWindowTextW
MsgWaitForMultipleObjects
ScrollWindow
CopyImage
PtInRect
DrawEdge
GetParent
UpdateWindow
GetPropW
SetClassLongW
EnumWindows
ShowWindow
DrawFrameControl
SetPropW
GetDesktopWindow
CharToOemBuffA
PeekMessageW
TranslateMDISysAccel
InsertMenuItemW
SetWindowPlacement
CharUpperW
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
ActivateKeyboardLayout
RegisterClassW
GetIconInfo
SetParent
SetClipboardData
IsZoomed
GetWindowPlacement
LoadStringW
GetKeyboardLayoutList
DrawMenuBar
OemToCharBuffA
IsIconic
GetSubMenu
SetTimer
OemToCharA
GetActiveWindow
IsDialogMessageW
FillRect
EnumThreadWindows
MonitorFromPoint
CreateAcceleratorTableW
GetSysColorBrush
IsWindowUnicode
CreateWindowExW
GetWindowLongW
CharNextW
IsChild
IsDialogMessageA
SetFocus
RegisterWindowMessageW
GetMonitorInfoW
BeginPaint
OffsetRect
DefWindowProcW
GetScrollPos
CopyIcon
GetKeyboardLayoutNameW
KillTimer
MapVirtualKeyW
GetClipboardData
GetClassInfoExW
GetSystemMetrics
SetWindowLongW
SetScrollRange
GetWindowRect
InflateRect
SetCapture
ReleaseCapture
EnumChildWindows
DrawTextExW
GetMessageExtraInfo
CharLowerW
PostMessageW
GetKeyNameTextW
WaitMessage
CreatePopupMenu
ShowCaret
DrawFocusRect
GetClassLongW
GetLastActivePopup
DrawIconEx
SetWindowTextW
GetDCEx
RemovePropW
GetSystemMenu
ScreenToClient
TrackPopupMenu
GetMenuItemCount
GetMenuState
ShowOwnedPopups
LoadCursorW
LoadIconW
FindWindowExW
GetDC
InsertMenuW
SetForegroundWindow
OpenClipboard
EmptyClipboard
CharLowerBuffW
GetScrollRange
GetScrollInfo
HideCaret
GetKeyboardLayout
FindWindowW
GetCapture
GetDlgCtrlID
MessageBeep
RemoveMenu
GetWindowThreadProcessId
ShowScrollBar
MessageBoxW
GetMenu
MonitorFromRect
DestroyIcon
UnhookWindowsHookEx
LoadKeyboardLayoutW
MessageBoxA
GetWindowDC
DestroyCursor
AdjustWindowRectEx
MsgWaitForMultipleObjectsEx
RegisterClipboardFormatW
SetScrollInfo
GetKeyState
EnableMenuItem
EnumDisplayMonitors
DefFrameProcW
IsWindowVisible
CharToOemA
SetCursorPos
SystemParametersInfoW
DispatchMessageW
FrameRect
SetRect
DeleteMenu
InvalidateRect
CreateIcon
CallWindowProcW
GetClassNameW
DestroyWindow
GetClassInfoW
MonitorFromWindow
SetWindowsHookExW
GetCursor
GetFocus
CreateMenu
EnableWindow
CloseClipboard
CheckMenuItem
SetMenu
SetCursor
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
ClosePrinter
DocumentPropertiesW
GetDefaultPrinterW
EnumPrintersW
OpenPrinterW
Number of PE resources by type
RT_STRING 43
RT_ICON 10
RT_GROUP_CURSOR 7
RT_CURSOR 7
RT_RCDATA 5
RT_MANIFEST 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 47
ENGLISH US 28
PORTUGUESE BRAZILIAN 1
ExifTool file metadata
SubsystemVersion: 5.0
InitializedDataSize: 452608
ImageVersion: 0.0
FileVersionNumber: 4.0.0.0
UninitializedDataSize: 0
LanguageCode: English (U.S.)
FileFlagsMask: 0x0000
CharacterSet: Windows, Latin1
LinkerVersion: 2.25
MIMEType: application/octet-stream
FileVersion: 4.0.0.0
TimeStamp: 2014:01:20 17:29:43+01:00
FileType: Win32 EXE
PEType: PE32
FileAccessDate: 2014:02:25 04:39:47+01:00
ProductVersion: 1.0.0.0
FileDescription: Soft Adsense
OSVersion: 5.0
FileCreateDate: 2014:02:25 04:39:47+01:00
FileOS: Win32
Subsystem: Windows GUI
MachineType: Intel 386 or later, and compatibles
CompanyName: Proc.Jeta Corp.
CodeSize: 2115584
FileSubtype: 0
ProductVersionNumber: 1.0.0.0
EntryPoint: 0x205d2c
ObjectFileType: Executable application
File identification
MD5 a1e7a1456d9adb18e68cd4f7c8a9072c
SHA1 5fc08b0cab5d95381d18e8e4f6c383861b5d0426
SHA256 56153785238c33023e58e0e7bb9cb0a5320cca6a9a24503b3c2d87e7c68d243e
ssdeep 49152:vm4SyilG0oGHefYq42USwiRjSarmgLHwbcNTC5oUWDCN3ksh1bwRK4v7CZmow97:vm45WCC531J
imphash ff77009882bc7d79a87d01af48324cc4
File size 2.5 MB ( 2569216 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Inno Setup installer (67.7%)
Win32 EXE PECompact compressed (generic) (25.6%)
Win32 Executable (generic) (2.7%)
Win16/32 Executable Delphi generic (1.2%)
Generic Win/DOS Executable (1.2%)
Tags peexe
VirusTotal metadata
First submission 2014-01-21 03:26:30 UTC ( 2 months, 3 weeks ago )
Last submission 2014-02-25 03:39:27 UTC ( 1 month, 3 weeks ago )
File names output.19790998.txt
19790998
56153785238c33023e58e0e7bb9cb0a5320cca6a9a24503b3c2d87e7c68d243e.exe
1.exe
lea.png
a1e7a1456d9adb18e68cd4f7c8a9072c.virus
6.exe
lea.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight