× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 59731b0fd7a5981dfa5241bafeb7ec2b20581ee5e8d3a6a02e6bafad6c77c63f
File name: Server_Attack_By-_C-4.exe
Detection ratio: 7 / 40
Analysis date: 2009-06-12 22:29:20 UTC ( 4 years, 10 months ago ) View latest
Antivirus Result Update
AntiVir SPR/ServerAttack.F 20090612
Antiy-AVL Worm/Win32.Polip.gen 20090612
CAT-QuickHeal Trojan.Agent.ATV 20090612
Ikarus Virus.Win32.Trojan 20090612
McAfee+Artemis Artemis!86F9033E934D 20090612
a-squared Virus.Win32.Trojan!IK 20090612
eSafe Win32.Banker 20090611
AVG 20090612
AhnLab-V3 20090612
Authentium 20090612
Avast 20090612
BitDefender 20090612
ClamAV 20090612
Comodo 20090612
DrWeb 20090612
F-Prot 20090612
F-Secure 20090612
Fortinet 20090612
GData 20090612
K7AntiVirus 20090612
Kaspersky 20090612
McAfee 20090612
Microsoft 20090612
NOD32 20090612
NOD32Beta 20090612
Norman 20090612
PCTools 20090612
Panda 20090612
Prevx 20090612
Rising 20090612
Sophos 20090612
Sunbelt 20090612
Symantec 20090612
TheHacker 20090611
TrendMicro 20090612
VBA32 20090612
ViRobot 20090612
VirusBuster 20090612
eTrust-Vet 20090612
nProtect 20090612
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Publisher Explicit - Freaks
Product Project1
Original name Server Attack.exe
Internal name Server Attack
File version 1.00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-04-18 02:53:22
Link date 3:53 AM 4/18/2004
Entry Point 0x00001564
Number of sections 3
PE sections
PE imports
_adj_fdiv_m32
__vbaChkstk
_CIlog
Ord(518)
EVENT_SINK_Release
__vbaEnd
EVENT_SINK_QueryInterface
__vbaVarDup
_adj_fdivr_m64
_adj_fprem
EVENT_SINK_AddRef
__vbaLenBstr
_adj_fpatan
__vbaFreeObjList
Ord(303)
Ord(300)
Ord(301)
__vbaInStr
_adj_fdiv_m32i
Ord(608)
Ord(307)
__vbaSetSystemError
__vbaFreeVarList
DllFunctionCall
__vbaFPException
__vbaStrVarMove
__vbaStrToUnicode
_adj_fdivr_m16i
__vbaStrMove
_adj_fdiv_r
Ord(100)
__vbaFreeObj
__vbaVarIndexLoad
__vbaFreeVar
__vbaBoolVarNull
_adj_fprem1
__vbaObjSetAddref
Ord(309)
_adj_fdiv_m64
__vbaI4Str
__vbaHresultCheckObj
_CIsqrt
_CIsin
Ord(711)
__vbaInStrVar
_allmul
_CIcos
Ord(595)
_adj_fptan
__vbaI2Var
Ord(612)
__vbaStrCopy
Ord(306)
__vbaI4Var
__vbaLateIdCall
__vbaObjSet
Ord(607)
_CIatan
__vbaI2I4
__vbaNew2
__vbaErrorOverflow
__vbaLateIdSt
__vbaLateIdCallLd
__vbaOnError
_adj_fdivr_m32i
_CItan
_CIexp
__vbaStrI2
__vbaStrToAnsi
__vbaStrI4
_adj_fdivr_m32
__vbaStrCat
__vbaFreeStrList
__vbaVarCat
Ord(598)
__vbaFreeStr
_adj_fdiv_m16i
__vbaExceptHandler
Number of PE resources by type
RT_ICON 4
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 5
ENGLISH US 1
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
12288

ImageVersion
1.0

ProductName
Project1

FileVersionNumber
1.0.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

CharacterSet
Unicode

LinkerVersion
6.0

FileOS
Win32

MIMEType
application/octet-stream

FileVersion
1.0

TimeStamp
2004:04:18 03:53:22+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Server Attack

FileAccessDate
2014:04:11 08:18:16+01:00

ProductVersion
1.0

SubsystemVersion
4.0

OSVersion
4.0

FileCreateDate
2014:04:11 08:18:16+01:00

OriginalFilename
Server Attack.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Explicit - Freaks

CodeSize
32768

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0x1564

ObjectFileType
Executable application

PE resource-wise parents
Compressed bundles
File identification
MD5 86f9033e934d795e3afc8c4ea3cc1beb
SHA1 ca8a4f8247e5b9bb34d8c79fbc871d95c69eafec
SHA256 59731b0fd7a5981dfa5241bafeb7ec2b20581ee5e8d3a6a02e6bafad6c77c63f
ssdeep
768:N9iLR4zvPWd0ffBG+kqiV8FlQ9OYWQ+Lp:N9iLyzHWd0fpgyF6cjQ+Lp

imphash 5314d0ce5c003b0fd4e1c17f634d5913
File size 48.0 KB ( 49152 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Microsoft Visual Basic 6 (90.5%)
Win32 Executable (generic) (4.9%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe mz

VirusTotal metadata
First submission 2006-07-15 21:00:17 UTC ( 7 years, 9 months ago )
Last submission 2014-04-11 07:18:11 UTC ( 1 week, 5 days ago )
File names ll.exe
Server_Attack_By-Scifen.exe
smona132753399857486573699
tyty.exe
"Server Attack By- C-4.exe"
Server_Attack2.exe
smona_59731b0fd7a5981dfa5241bafeb7ec2b20581ee5e8d3a6a02e6bafad6c77c63f.bin
DDoS.exe
Server Attack By-Scifen.exe
Server-Attack-By--C-4.exe
Server Attack
$DOS.Win32.Agent!E2|0004800.exe
vt-upload-oS_QC
1_zeros_server_at.exe
Server Attack By-Scifen and Zero_z (DoS).exe
Server Attack By- C-4 zero team.exe
zero.exe
Server Attack By- cLamb.exe
Zeros Server Attack.exe
file-3011090_exe
zeros_server_attack.exe
Server Attack.exe
Server Attack By C4.exe
40b2adeb00c5e5ebc0d500a4fed89700b6c22d28.exe
Eddie_s_Server_Attacker.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!