× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 59eb9c33dbb36beb1d63fd7f5748ad1a4fb01beb0d0b69c5455f31097338947b
File name: 2ab571afa51d70b8a2fc8272cd1f0a21
Detection ratio: 33 / 57
Analysis date: 2015-03-19 20:21:44 UTC ( 4 years ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.GenericKD.2214889 20150319
Yandex TrojanSpy.Zbot!7yc8MeVNoz0 20150319
AhnLab-V3 Trojan/Win32.MDA 20150319
ALYac Trojan.GenericKD.2214889 20150319
Antiy-AVL Trojan[Spy]/Win32.Zbot 20150319
Avast MSIL:GenMalicious-DYH [Trj] 20150319
AVG Zbot.ZHN 20150319
Avira (no cloud) TR/Crypt.ZPACK.100044 20150319
AVware Trojan.Win32.Generic!BT 20150319
Baidu-International Trojan.Win32.Zbot.vdsh 20150319
BitDefender Trojan.GenericKD.2214889 20150319
Emsisoft Trojan.GenericKD.2214889 (B) 20150319
ESET-NOD32 Win32/Spy.Zbot.ACB 20150319
F-Secure Trojan.GenericKD.2214889 20150319
Fortinet MSIL/Injector.IJG!tr 20150319
GData Trojan.GenericKD.2214889 20150319
K7AntiVirus Spyware ( 004a08e61 ) 20150319
K7GW Spyware ( 004a08e61 ) 20150319
Kaspersky Trojan-Spy.Win32.Zbot.vdsh 20150319
Malwarebytes Trojan.MSIL.ED 20150319
McAfee Artemis!2AB571AFA51D 20150319
McAfee-GW-Edition BehavesLike.Win32.Trojan.cc 20150319
Microsoft PWS:Win32/Zbot.gen!VM 20150319
eScan Trojan.GenericKD.2214889 20150319
NANO-Antivirus Trojan.Win32.Zbot.dpcpim 20150319
nProtect Trojan.GenericKD.2214889 20150319
Panda Trj/CI.A 20150318
Qihoo-360 HEUR/QVM03.0.Malware.Gen 20150319
Sophos AV Mal/MSIL-NB 20150319
Tencent Win32.Trojan-spy.Zbot.Htwf 20150319
TrendMicro TROJ_FORUCON.BMC 20150319
TrendMicro-HouseCall TROJ_FORUCON.BMC 20150319
VIPRE Trojan.Win32.Generic!BT 20150319
AegisLab 20150319
Alibaba 20150319
Bkav 20150319
ByteHero 20150319
CAT-QuickHeal 20150319
ClamAV 20150319
CMC 20150317
Comodo 20150319
Cyren 20150319
DrWeb 20150319
F-Prot 20150319
Ikarus 20150319
Jiangmin 20150319
Kingsoft 20150319
Norman 20150319
Rising 20150319
SUPERAntiSpyware 20150319
Symantec 20150319
TheHacker 20150319
TotalDefense 20150319
VBA32 20150319
ViRobot 20150319
Zillya 20150319
Zoner 20150319
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
TappingsWitticismArrester

Publisher AdventurismBeelineAdenoid CalibrateAssociativity
Product TearsAssociateship
Original name TwitchesBestsellers.exe
Internal name TwitchesBestsellers.exe
File version 7.5.5.0
Description AbstainersToast
Comments VocativeWaitedAlarms
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-02-20 22:35:27
Entry Point 0x0002DE5E
Number of sections 3
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
ExifTool file metadata
LegalTrademarks
SuperstitionsWilier

SubsystemVersion
4.0

Comments
VocativeWaitedAlarms

LinkerVersion
4.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
7.5.5.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
AbstainersToast

CharacterSet
Unicode

InitializedDataSize
2048

FileOS
Win32

MIMEType
application/octet-stream

LegalCopyright
TappingsWitticismArrester

FileVersion
7.5.5.0

TimeStamp
2012:02:20 23:35:27+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
TwitchesBestsellers.exe

ProductVersion
7.5.5.0

UninitializedDataSize
0

OSVersion
4.0

OriginalFilename
TwitchesBestsellers.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
AdventurismBeelineAdenoid CalibrateAssociativity

CodeSize
180224

ProductName
TearsAssociateship

ProductVersionNumber
7.5.5.0

EntryPoint
0x2de5e

ObjectFileType
Executable application

AssemblyVersion
7.0.6.7

File identification
MD5 2ab571afa51d70b8a2fc8272cd1f0a21
SHA1 10eeb2b06e07527ff0492a57bebf14bedda37807
SHA256 59eb9c33dbb36beb1d63fd7f5748ad1a4fb01beb0d0b69c5455f31097338947b
ssdeep
3072:OIH8zUnKCCNvMa5asZtSZHJ1aVY0YolfX/KrcrvNN+xoX220v8Hy/Gyiv:TczEKuaYsZOXtGfX/lDaoX2dwWx

authentihash 6d22dbde61a0a7999782fc9487c1399477d67b92960fcb9d32d28b5e26dd4731
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 178.5 KB ( 182784 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe assembly

VirusTotal metadata
First submission 2015-03-19 20:21:44 UTC ( 4 years ago )
Last submission 2015-04-01 22:59:06 UTC ( 3 years, 11 months ago )
File names TwitchesBestsellers.exe
2AB571AFA51D70B8A2FC8272CD1F0A21.k7v
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!