× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5fd356d494c6d628e67932a02b981c73c9d2835a95d35a7c7b9b9669ad8525c8
File name: 18517343
Detection ratio: 8 / 67
Analysis date: 2018-10-29 11:17:14 UTC ( 6 months, 4 weeks ago ) View latest
Antivirus Result Update
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Cylance Unsafe 20181029
Endgame malicious (high confidence) 20180730
Qihoo-360 HEUR/QVM03.0.D915.Malware.Gen 20181029
SentinelOne (Static ML) static engine - malicious 20181011
TrendMicro TROJ_GEN.USJT18 20181029
TrendMicro-HouseCall TROJ_GEN.USJT18 20181029
VIPRE Trojan.Win32.Generic.pak!cobra 20181029
Ad-Aware 20181029
AegisLab 20181029
AhnLab-V3 20181029
Alibaba 20180921
ALYac 20181029
Antiy-AVL 20181029
Arcabit 20181029
Avast 20181029
Avast-Mobile 20181029
AVG 20181029
Avira (no cloud) 20181029
Babable 20180918
Baidu 20181029
BitDefender 20181029
Bkav 20181029
CAT-QuickHeal 20181028
ClamAV 20181029
CMC 20181029
Cybereason 20180225
Cyren 20181029
DrWeb 20181029
eGambit 20181029
Emsisoft 20181029
ESET-NOD32 20181029
F-Prot 20181029
F-Secure 20181029
Fortinet 20181029
GData 20181029
Ikarus 20181029
Sophos ML 20180717
Jiangmin 20181029
K7AntiVirus 20181029
K7GW 20181029
Kaspersky 20181029
Kingsoft 20181029
Malwarebytes 20181029
MAX 20181029
McAfee 20181029
McAfee-GW-Edition 20181029
Microsoft 20181029
eScan 20181029
NANO-Antivirus 20181029
Palo Alto Networks (Known Signatures) 20181029
Panda 20181028
Rising 20181029
Sophos AV 20181029
SUPERAntiSpyware 20181022
Symantec 20181029
Symantec Mobile Insight 20181026
TACHYON 20181029
Tencent 20181029
TheHacker 20181025
TotalDefense 20181029
Trustlook 20181029
VBA32 20181029
ViRobot 20181029
Webroot 20181029
Yandex 20181026
Zillya 20181028
ZoneAlarm by Check Point 20181029
Zoner 20181029
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Ornitholestes

Product Tudserne6
Original name Taeniae.exe
Internal name Taeniae
File version 5.05.0005
Description Rgerrigt
Comments Synodiskes
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-10-28 17:55:36
Entry Point 0x000028E8
Number of sections 3
PE sections
PE imports
_adj_fdiv_m32
__vbaChkstk
EVENT_SINK_Release
__vbaEnd
__vbaStrCmp
_allmul
_adj_fdivr_m64
_adj_fprem
Ord(697)
Ord(617)
Ord(709)
_adj_fpatan
EVENT_SINK_AddRef
__vbaStrToUnicode
_adj_fdiv_m32i
__vbaExceptHandler
__vbaSetSystemError
DllFunctionCall
__vbaFPException
__vbaStrVarMove
_adj_fdivr_m16i
_adj_fdiv_r
Ord(100)
__vbaFreeVar
_adj_fdiv_m64
__vbaFreeObj
_CIsin
_CIsqrt
__vbaHresultCheckObj
_CIlog
Ord(606)
_CIcos
EVENT_SINK_QueryInterface
_adj_fptan
_CItan
__vbaI4Var
_CIatan
__vbaNew2
__vbaOnError
_adj_fdivr_m32i
__vbaAryDestruct
_CIexp
__vbaStrMove
__vbaStrToAnsi
_adj_fprem1
_adj_fdivr_m32
__vbaFreeStrList
__vbaFreeStr
_adj_fdiv_m16i
Number of PE resources by type
RT_STRING 9
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 10
NEUTRAL 2
PE resources
ExifTool file metadata
CodeSize
720896

SubsystemVersion
4.0

Comments
Synodiskes

LinkerVersion
6.0

ImageVersion
5.5

FileSubtype
0

FileVersionNumber
5.5.0.5

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
Rgerrigt

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Unicode

InitializedDataSize
69632

EntryPoint
0x28e8

OriginalFileName
Taeniae.exe

MIMEType
application/octet-stream

LegalCopyright
Ornitholestes

FileVersion
5.05.0005

TimeStamp
2018:10:28 18:55:36+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Taeniae

ProductVersion
5.05.0005

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
logItECH

LegalTrademarks
SPHEROMETRE

ProductName
Tudserne6

ProductVersionNumber
5.5.0.5

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 db43456c102b0a9c2ff8168fd7bd414c
SHA1 3b37c837a8bc319debdb087ea59b69ed27ab0138
SHA256 5fd356d494c6d628e67932a02b981c73c9d2835a95d35a7c7b9b9669ad8525c8
ssdeep
12288:ZYg2v0LDgrOka6RkkRkoRj7sh2oDoqcPDNLDJ9ZPj0eU99Paz:BLDgrOdjykAoUd5LDhdU9la

authentihash 1d162a8f02d59275c5dcbb880224cfd259dae073831ffbe5c3963cf3c41e00e2
imphash 90803eb31ab805f35dfb94adf8dd665f
File size 764.0 KB ( 782336 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Microsoft Visual Basic 6 (82.7%)
Win32 Dynamic Link Library (generic) (6.6%)
Win32 Executable (generic) (4.5%)
OS/2 Executable (generic) (2.0%)
Generic Win/DOS Executable (2.0%)
Tags
peexe

VirusTotal metadata
First submission 2018-10-29 11:17:14 UTC ( 6 months, 4 weeks ago )
Last submission 2018-11-07 02:06:31 UTC ( 6 months, 2 weeks ago )
File names Sample_5fd356d494c6d628e67932a02b981c73c9d2835a95d35a7c7b9b9669ad8525c8.exe
18517343
Taeniae
Taeniae.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!