SHA256: 5fb54ec0e0e3f1dc75c72d4ac1b1e4af6188f695fb689548261f2bedc9fda226
File name: a9552661fe2fd5a6c5f3723f2d6a0da4876d6db1
Detection ratio: 23 / 50
Analysis date: 2014-03-13 07:29:57 UTC ( 4 years, 8 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Kazy.347893 20140313
AhnLab-V3 Trojan/Win32.Zbot 20140313
AntiVir TR/ZbotCitadel.A.570 20140313
Avast Sf:ShellCode-G [Trj] 20140313
AVG Win32/Cryptor 20140312
Baidu-International Trojan.Win32.Zbot.aGJ 20140312
BitDefender Gen:Variant.Kazy.347893 20140313
Emsisoft Gen:Variant.Kazy.347893 (B) 20140313
ESET-NOD32 a variant of Win32/Kryptik.BWOR 20140313
F-Secure Gen:Variant.Kazy.347893 20140313
Fortinet W32/Zbot.BWOR!tr 20140313
GData Gen:Variant.Kazy.347893 20140313
Kaspersky Trojan-Spy.Win32.Zbot.rsen 20140313
McAfee RDN/Generic PWS.y!yv 20140313
McAfee-GW-Edition RDN/Generic PWS.y!yv 20140313
eScan Gen:Variant.Kazy.347893 20140313
Norman Troj_Generic.SYLUC 20140313
Panda Generic Malware 20140312
Qihoo-360 Win32/Trojan.BO.f1a 20140313
Sophos AV Mal/Generic-S 20140313
TrendMicro TROJ_GEN.R047C0PCB14 20140313
TrendMicro-HouseCall TROJ_GEN.R047C0PCB14 20140313
VIPRE Trojan.Win32.Generic!BT 20140313
Yandex 20140312
Antiy-AVL 20140311
Bkav 20140312
ByteHero 20140313
CAT-QuickHeal 20140313
ClamAV 20140312
CMC 20140312
Commtouch 20140313
Comodo 20140313
DrWeb 20140313
F-Prot 20140313
Ikarus 20140313
Jiangmin 20140313
K7AntiVirus 20140312
K7GW 20140312
Kingsoft 20140313
Malwarebytes 20140313
Microsoft 20140313
NANO-Antivirus 20140313
nProtect 20140312
Rising 20140312
SUPERAntiSpyware 20140313
Symantec 20140313
TheHacker 20140312
TotalDefense 20140312
VBA32 20140312
ViRobot 20140313
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2013 Intent-Soft Group
Publisher Intent-Soft Group
Product WRM Advanced Client UI Converter
Original name wrmadvclientuiconvert
Internal name WRM advclient UI Converter
File version 3.5.0.1
Description WRM Advanced Client UI Converter
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-03-06 09:59:27
Entry Point 0x00006450
Number of sections 5
PE sections
PE imports
SetGraphicsMode
AddFontResourceA
CreateEllipticRgn
DeleteDC
GetBoundsRect
SelectObject
MoveToEx
CreateDIBSection
TextOutA
EnumFontFamiliesA
BitBlt
SelectClipRgn
DeleteObject
CreateCompatibleBitmap
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
IsProcessorFeaturePresent
EnterCriticalSection
LCMapStringW
SetHandleCount
LoadLibraryW
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
HeapAlloc
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
RtlUnwind
GetStdHandle
HeapSetInformation
GetCurrentProcess
GetStartupInfoW
GetConsoleMode
DecodePointer
GetCurrentProcessId
UnhandledExceptionFilter
WideCharToMultiByte
ExitProcess
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
EncodePointer
GetProcessHeap
SetStdHandle
RaiseException
WriteConsoleW
GetCPInfo
GetModuleFileNameW
TlsFree
SetFilePointer
DeleteCriticalSection
ReadFile
SetUnhandledExceptionFilter
WriteFile
CloseHandle
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
TerminateProcess
IsValidCodePage
HeapCreate
CreateFileW
TlsGetValue
Sleep
GetFileType
SetEndOfFile
TlsSetValue
GetTickCount
GetCurrentThreadId
LeaveCriticalSection
SetLastError
InterlockedIncrement
WNetGetUniversalNameA
SysAllocString
wglDeleteContext
wglMakeCurrent
GetSubMenu
GetSystemMetrics
LoadCursorA
GetClassNameW
TrackPopupMenu
ReleaseDC
SendMessageA
EndPaint
GetLastActivePopup
AnyPopup
IsWindow
ValidateRect
GetClientRect
CloseWindow
DestroyMenu
CreateWindowExW
GetDlgItem
GetWindow
GetMenu
GetDC
GetParent
ClosePrinter
Number of PE resources by type
RT_ICON 3
RT_STRING 2
RT_DIALOG 1
RT_MANIFEST 1
RT_MENU 1
RT_BITMAP 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 11
PE resources
ExifTool file metadata
SubsystemVersion 5.1
LinkerVersion 10.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 3.5.0.1
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 202240
FileOS Windows NT 32-bit
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2013 Intent-Soft Group
FileVersion 3.5.0.1
TimeStamp 2014:03:06 10:59:27+01:00
FileType Win32 EXE
PEType PE32
InternalName WRM advclient UI Converter
FileAccessDate 2014:03:13 08:30:08+01:00
ProductVersion 3.5.0.1
FileDescription WRM Advanced Client UI Converter
OSVersion 5.1
FileCreateDate 2014:03:13 08:30:08+01:00
OriginalFilename wrmadvclientuiconvert
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Intent-Soft Group
CodeSize 71680
ProductName WRM Advanced Client UI Converter
ProductVersionNumber 3.5.0.1
EntryPoint 0x6450
ObjectFileType Executable application

File identification
MD5 6708bde1c72bf919055598eb2601094d
SHA1 a9552661fe2fd5a6c5f3723f2d6a0da4876d6db1
SHA256 5fb54ec0e0e3f1dc75c72d4ac1b1e4af6188f695fb689548261f2bedc9fda226
ssdeep 6144:0+sO5V/Wi9G9UcmwTcgEbTarJBa8d3ZApg:OO5VL0yYTpy+rzZA
imphash 4f0756ba92301dcd517c8a05aae294d2
File size 268.5 KB ( 274944 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe
VirusTotal metadata
First submission 2014-03-11 00:55:39 UTC ( 4 years, 8 months ago )
Last submission 2014-03-13 07:29:57 UTC ( 4 years, 8 months ago )
File names wrmadvclientuiconvert
vt-upload-A_wg8
WRM advclient UI Converter
a9552661fe2fd5a6c5f3723f2d6a0da4876d6db1
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight