SHA256: 57dceae17325f0157e3ab7661b45caff8f8e1b11f773c8ff4ef1cf59d1d558b8
File name: 57DCEAE17325F0157E3AB7661B45CAFF8F8E1B11F773C8FF4EF1CF59D1D558B8
Detection ratio: 1 / 54
Analysis date: 2016-02-08 12:32:44 UTC ( 3 years, 2 months ago )
Antivirus Result Update
Qihoo-360 HEUR/QVM07.1.Malware.Gen 20160208
Ad-Aware 20160208
AegisLab 20160208
Yandex 20160206
AhnLab-V3 20160208
Alibaba 20160204
Antiy-AVL 20160208
Arcabit 20160208
Avast 20160208
AVG 20160208
Avira (no cloud) 20160208
Baidu-International 20160208
BitDefender 20160208
Bkav 20160204
ByteHero 20160208
CAT-QuickHeal 20160208
ClamAV 20160206
CMC 20160205
Comodo 20160208
Cyren 20160208
DrWeb 20160208
Emsisoft 20160208
ESET-NOD32 20160208
F-Prot 20160129
F-Secure 20160208
Fortinet 20160208
GData 20160208
Ikarus 20160208
Jiangmin 20160208
K7AntiVirus 20160208
K7GW 20160208
Kaspersky 20160208
Malwarebytes 20160208
McAfee 20160208
McAfee-GW-Edition 20160208
Microsoft 20160208
eScan 20160208
NANO-Antivirus 20160208
nProtect 20160205
Panda 20160207
Rising 20160208
Sophos AV 20160208
SUPERAntiSpyware 20160208
Symantec 20160207
Tencent 20160208
TheHacker 20160206
TotalDefense 20160208
TrendMicro 20160208
TrendMicro-HouseCall 20160208
VBA32 20160208
VIPRE 20160208
ViRobot 20160208
Zillya 20160208
Zoner 20160208
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-02-14 07:57:49
Entry Point 0x00015A96
Number of sections 4
PE sections
PE imports
GetTextMetricsW
ResizePalette
GetEnhMetaFileBits
GetTextMetricsA
GetCharABCWidthsA
PlayMetaFile
GetROP2
GetViewportOrgEx
GetObjectType
GetTextExtentPointA
CopyEnhMetaFileW
IntersectClipRect
CopyEnhMetaFileA
EqualRgn
GetPolyFillMode
GetDIBits
SetTextAlign
GetDCOrgEx
StretchBlt
GetTextFaceA
CloseFigure
SetWindowExtEx
GetFontData
ResetDCW
GetBkColor
GetTextCharsetInfo
DeleteEnhMetaFile
GetSystemPaletteEntries
TextOutA
CreateFontIndirectA
CreateRectRgnIndirect
LPtoDP
GetEnhMetaFileW
EnumFontsA
GetBitmapBits
GetBrushOrgEx
SetBkMode
SetMetaFileBitsEx
GetRegionData
EnumFontFamiliesA
FrameRgn
SelectPalette
SetBkColor
StrokePath
SetWinMetaFileBits
ScaleWindowExtEx
CloseEnhMetaFile
SetROP2
EndPage
GetNearestPaletteIndex
SetDIBColorTable
EnumEnhMetaFile
CancelDC
GetTextColor
PtVisible
Escape
BeginPath
DeleteObject
PlayMetaFileRecord
GetWindowExtEx
PatBlt
SetColorSpace
SetStretchBltMode
GetCharABCWidthsFloatW
Rectangle
GetObjectA
GetWorldTransform
EnumMetaFile
StartPage
CreateDCW
CreateHatchBrush
GetRgnBox
ExtTextOutA
GetTextAlign
GetWinMetaFileBits
GetEnhMetaFileHeader
GetClipRgn
CreatePolygonRgn
CreateICA
CreateHalftonePalette
GetGlyphOutlineW
GetBkMode
SaveDC
CreateICW
SetDeviceGammaRamp
ModifyWorldTransform
GetGlyphOutlineA
GetDeviceGammaRamp
RestoreDC
FillPath
GetCurrentObject
CreateFontA
EnumFontFamiliesExW
SetViewportOrgEx
AbortPath
CreateRoundRectRgn
CreateCompatibleDC
PolyBezier
PolyPolygon
SetBrushOrgEx
SelectObject
SetPolyFillMode
AbortDoc
Ellipse
GetStartupInfoA
EnumSystemLocalesA
GlobalAddAtomW
GetNamedPipeInfo
GetModuleHandleA
CreateIoCompletionPort
CreateProcessW
CreateSemaphoreW
GetSystemDefaultLCID
CreateDirectoryW
__p__fmode
__CxxFrameHandler
_acmdln
strtod
_adjust_fdiv
__setusermatherr
_setmbcp
_mbspbrk
_onexit
_chgsign
abs
exit
__dllonexit
__getmainargs
_initterm
_controlfp
__p__commode
__set_app_type
ToUnicodeEx
Number of PE resources by type
RT_DIALOG 10
RT_RCDATA 7
RT_ICON 3
RT_GROUP_ICON 3
skEw73221 1
mX066 1
i2CqC 1
iE51a 1
RT_MENU 1
g1M5v5ct03 1
gS472sp 1
RT_VERSION 1
qus3q8H 1
Number of PE resources by language
NEUTRAL 32
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 0.105.31.81
UninitializedDataSize 0
LanguageCode Unknown (COIN)
FileFlagsMask 0x003f
CharacterSet Unknown (CIDENTALLY)
InitializedDataSize 114688
EntryPoint 0x15a96
MIMEType application/octet-stream
LegalCopyright 2018 (C) 2010
FileVersion Anticipative 0,202,4,1
TimeStamp 2007:02:14 08:57:49+01:00
FileType Win32 EXE
PEType PE32
InternalName Comparability
ProductVersion 0,185,2,21
FileDescription Clusters Ambushing Attics
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName United Online, Inc.
CodeSize 86016
ProductName Catastrophic Affirmative
ProductVersionNumber 0.79.116.8
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 212c91939f00c3031ce3352e7cca5fe8
SHA1 be177b53fd56034c209c14722c467b419219df0b
SHA256 57dceae17325f0157e3ab7661b45caff8f8e1b11f773c8ff4ef1cf59d1d558b8
ssdeep 6144:1jGjAoGv9IGStbamnxj922mUr1A/huwmK:1SjAPRmxj9MMjwN
authentihash 906d6d6540d0f63264e2afee84d8fb8857586ac1639f1fca30e696b62222956a
imphash 8deda1444ed6c75352726df98fdfee48
File size 200.0 KB ( 204800 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win64 Executable (generic) (49.4%)
Windows screen saver (23.4%)
Win32 Dynamic Link Library (generic) (11.7%)
Win32 Executable (generic) (8.0%)
Generic Win/DOS Executable (3.5%)
Tags peexe

VirusTotal metadata
First submission 2016-02-08 12:32:44 UTC ( 3 years, 2 months ago )
Last submission 2016-06-20 23:26:37 UTC ( 2 years, 10 months ago )
File names jdowyhyc.exe
212c91939f00c3031ce3352e7cca5fe8