× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 57fc9239b4fbd8a56464a8fe747c17fb602349f2b53c70edf98225651c051a2d
File name: full_porno.avi.exe
Detection ratio: 6 / 43
Analysis date: 2012-01-26 11:28:35 UTC ( 7 years, 2 months ago ) View latest
Antivirus Result Update
CAT-QuickHeal (Suspicious) - DNAScan 20120125
Fortinet W32/Kryptik.ZCY!tr 20120126
Kaspersky Trojan.Win32.Yakes.nsj 20120126
Microsoft Trojan:Win32/Ransom.DV 20120126
NOD32 a variant of Win32/Kryptik.ZLM 20120126
Panda Suspicious file 20120125
AhnLab-V3 20120125
AntiVir 20120126
Antiy-AVL 20120126
Avast 20120126
AVG 20120126
BitDefender 20120126
ByteHero 20120125
ClamAV 20120126
Commtouch 20120126
Comodo 20120125
DrWeb 20120126
Emsisoft 20120126
eSafe 20120125
eTrust-Vet 20120125
F-Prot 20120125
F-Secure 20120126
GData 20120126
Ikarus 20120126
Jiangmin 20120125
K7AntiVirus 20120125
McAfee 20120126
McAfee-GW-Edition 20120126
Norman 20120126
nProtect 20120126
PCTools 20120126
Prevx 20120126
Rising 20120118
Sophos AV 20120126
SUPERAntiSpyware 20120126
Symantec 20120126
TheHacker 20120126
TrendMicro 20120126
TrendMicro-HouseCall 20120126
VBA32 20120125
VIPRE 20120126
ViRobot 20120126
VirusBuster 20120126
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
JuVWasreLTD Copyright © 2006-2010 All Rights Reserved.

Product ©JuiretWare
Original name wocbdeapfzo.exe
Internal name wocbdeapfzo
File version 5 Alpha115 RC29718 4.1583
Description ©JuiretWare
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-01-25 16:24:30
Entry Point 0x00001C01
Number of sections 4
PE sections
PE imports
ImageGetDigestStream
GetMailslotInfo
WriteFileEx
SetEndOfFile
CreateFileA
CreateMailslotA
VirtualAlloc
ReadConsoleOutputA
RtlGetLastWin32Error
PE exports
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
8704

ImageVersion
1.0

ProductName
JuiretWare

FileVersionNumber
1.0.3.69

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
JuiretWare

CharacterSet
Unicode

LinkerVersion
11.7

FileTypeExtension
exe

OriginalFileName
wocbdeapfzo.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
5 Alpha115 RC29718 4.1583

TimeStamp
2012:01:25 17:24:30+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
wocbdeapfzo

ProductVersion
2 Alpha13 RC56952

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

LegalCopyright
JuVWasreLTD Copyright 2006-2010 All Rights Reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
JuVWasreLTD

CodeSize
8192

FileSubtype
0

ProductVersionNumber
3.0.101.3

EntryPoint
0x1c01

ObjectFileType
Executable application

File identification
MD5 f827fa03cfc544fc0d37128fdbb7891f
SHA1 98a6f78d09519c7b25aaaa096d860f49b84f92d7
SHA256 57fc9239b4fbd8a56464a8fe747c17fb602349f2b53c70edf98225651c051a2d
ssdeep
384:Nt+igLKha1UVAOomoJHbvxtrxlM6Qvjneer:Nt+iKCa1JnXrsnee

authentihash cf87924dead76f425cff0ba5fbbd77bef6de58ef9ef8b9d473591dcee09f5293
imphash 59365dbb3164851866b0d4a556bf6437
File size 17.5 KB ( 17920 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.2%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2012-01-26 11:28:35 UTC ( 7 years, 2 months ago )
Last submission 2015-11-09 19:15:11 UTC ( 3 years, 5 months ago )
File names 98a6f78d09519c7b25aaaa096d860f49b84f92d7.bin
full_porno.avi.exe
ls97viHado.html
wocbdeapfzo.exe
full_porno.avi.ex!
wocbdeapfzo
f827fa03cfc544fc0d37128fdbb7891f.exe
test (584).exe
goMexXz3Rz.gif
full_virus.avi.exe
f827fa03cfc544fc0d37128fdbb7891f
test.txt
aa
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!