× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 59c17d6cb564edd32c770cd56b5026e4797cf9169ff549735021053268b31611
File name: Easybee-1.0.1.exe
Detection ratio: 0 / 61
Analysis date: 2017-04-14 10:35:12 UTC ( 1 year ago ) View latest
Antivirus Result Update
Ad-Aware 20170414
AegisLab 20170414
AhnLab-V3 20170414
Alibaba 20170414
ALYac 20170414
Antiy-AVL 20170414
Arcabit 20170414
Avast 20170414
AVG 20170414
Avira (no cloud) 20170414
AVware 20170410
Baidu 20170414
BitDefender 20170414
Bkav 20170414
CAT-QuickHeal 20170413
ClamAV 20170414
CMC 20170414
Comodo 20170414
CrowdStrike Falcon (ML) 20170130
Cyren 20170414
DrWeb 20170414
Emsisoft 20170414
Endgame 20170413
ESET-NOD32 20170414
F-Prot 20170414
F-Secure 20170414
Fortinet 20170414
GData 20170414
Ikarus 20170414
Sophos ML 20170413
Jiangmin 20170414
K7AntiVirus 20170414
K7GW 20170414
Kaspersky 20170414
Kingsoft 20170414
Malwarebytes 20170414
McAfee 20170412
McAfee-GW-Edition 20170414
Microsoft 20170414
eScan 20170414
NANO-Antivirus 20170414
nProtect 20170414
Palo Alto Networks (Known Signatures) 20170414
Panda 20170414
Qihoo-360 20170414
Rising 20170414
SentinelOne (Static ML) 20170330
Sophos AV 20170414
SUPERAntiSpyware 20170414
Symantec 20170413
Symantec Mobile Insight 20170414
Tencent 20170414
TheHacker 20170412
TrendMicro 20170414
TrendMicro-HouseCall 20170414
Trustlook 20170414
VBA32 20170414
VIPRE 20170414
ViRobot 20170414
Webroot 20170414
WhiteArmor 20170409
Yandex 20170413
Zillya 20170414
ZoneAlarm by Check Point 20170414
Zoner 20170414
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-12-07 20:33:20
Entry Point 0x000092CF
Number of sections 5
PE sections
PE imports
GetCurrentProcess
TerminateProcess
SetUnhandledExceptionFilter
RtlUnwind
GetCurrentProcessId
GetModuleHandleA
InterlockedExchange
QueryPerformanceCounter
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
Sleep
GetCurrentThreadId
InterlockedCompareExchange
adfw_create
adfw_setValidate
adfw_setID
adfw_delete
adfw_setProcess
mainWrapper
curl_formadd
curl_formfree
curl_easy_init
curl_slist_free_all
curl_slist_append
curl_easy_setopt
curl_easy_perform
curl_easy_cleanup
__p__fmode
malloc
realloc
memset
_controlfp
fopen
strncpy
_cexit
?terminate@@YAXXZ
memcpy
_snprintf
_XcptFilter
exit
__setusermatherr
__p__commode
_amsg_exit
_adjust_fdiv
free
ceil
__getmainargs
_exit
_initterm
__set_app_type
pcre_exec
pcre_compile
pcre_copy_substring
pcre_free
pcre_get_substring
Parameter_Boolean_getValue
Parameter_Port_getValue
Params_findParamchoice
Parameter_IPv4_getValue
Paramchoice_getValue
Params_findParameter
Parameter_String_getValue
TfRandomAscii
TfStrcasecmp
TfRandomInt
TfBase64Decode
Number of PE resources by type
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2009:12:07 21:33:20+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
34816

LinkerVersion
9.0

EntryPoint
0x92cf

InitializedDataSize
34304

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

File identification
MD5 2dee8e8fccd2407677fbcde415fdf27e
SHA1 d353aa075f8dbe56ab1ca9318be587f4f2173e53
SHA256 59c17d6cb564edd32c770cd56b5026e4797cf9169ff549735021053268b31611
ssdeep
1536:5jdM/juhJ6vv33Qs2dN/OaJnpAgXNljwu9Mpg0:Nd/CvQs2dNmKjXNlMpg0

authentihash 4dc24ddff697597226dee4ee62454bccbefc29584477bbd2528a6f84359379e6
imphash df9cce41f0e0ca70dd535c2414add92e
File size 68.5 KB ( 70144 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.4%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags
peexe

VirusTotal metadata
First submission 2017-04-14 09:50:00 UTC ( 1 year ago )
Last submission 2017-12-14 12:31:02 UTC ( 4 months, 1 week ago )
File names YzUjwp.cpl
59c17d6cb564edd32c770cd56b5026e4797cf9169ff549735021053268b31611
aa
Easybee-1.0.1.exe
Easybee-1.0.1.exe
Easybee-1.0.1.exe
Easybee-1.0.1.exe
Easybee-1.0..exe
2dee8e8fccd2407677fbcde415fdf27e
59c17d6cb564edd32c770cd56b5026e4797cf9169ff549735021053268b31611
output.111145807.txt
yDn3PzxE6.xlsm
Easybee-1.0.1.exe
easybee-1.0.1.exe
easybee-1.0.1.exe
Behaviour characterization
Zemana
dll-injection

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!