SHA256: 607f90b36f9a50d01ca31a9c1e5f08063bb9e8d3cf04a92220972c389024f50b
File name: e9da19440fca6f0747bdee8c7985917f
Detection ratio: 38 / 56
Analysis date: 2016-06-01 14:42:10 UTC ( 2 months, 4 weeks ago )
Antivirus Result Update
ALYac Gen:Variant.Graftor.129295 20160601
AVG PSW.Generic12.ZCC 20160601
AVware Trojan.Win32.Generic!BT 20160601
Ad-Aware Gen:Variant.Graftor.129295 20160601
AegisLab Troj.Spy.W32.Lurk!c 20160601
AhnLab-V3 Trojan/Win32.Lurk 20160601
Arcabit Trojan.Graftor.D1F90F 20160601
Avira (no cloud) TR/Rogue.1522253 20160601
Baidu Win32.Trojan.WisdomEyes.151026.9950.9999 20160601
Baidu-International Trojan.Win32.Lurk.aeh 20160601
BitDefender Gen:Variant.Graftor.129295 20160601
Comodo UnclassifiedMalware 20160601
DrWeb Trojan.Siggen6.8376 20160601
ESET-NOD32 Win32/Miep.B 20160601
Emsisoft Gen:Variant.Graftor.129295 (B) 20160601
F-Secure Gen:Variant.Graftor.129295 20160601
Fortinet W32/Miep.B!tr 20160601
GData Gen:Variant.Graftor.129295 20160601
Ikarus Trojan.Miep 20160601
Jiangmin Trojan/Miep.a 20160601
K7AntiVirus Trojan ( 004e698e1 ) 20160601
K7GW Trojan ( 004e698e1 ) 20160601
Kaspersky Trojan-Spy.Win32.Lurk.aeh 20160601
Malwarebytes Trojan.Agent.ED 20160601
McAfee Generic.dx!E9DA19440FCA 20160601
eScan Gen:Variant.Graftor.129295 20160601
Microsoft TrojanSpy:Win32/Lurk 20160601
NANO-Antivirus Trojan.Win32.Lurk.cwnrcb 20160601
Panda Generic Malware 20160601
Qihoo-360 Win32/Trojan.Spy.581 20160601
Rising Trjoan.Generic-1DE7zw9IwrF (Cloud) 20160601
Sophos Mal/Generic-S 20160601
Symantec Trojan.Filurkes 20160601
Tencent Win32.Trojan-spy.Lurk.Anpq 20160601
TrendMicro TROJ_GEN.R002C0CAL16 20160601
VIPRE Trojan.Win32.Generic!BT 20160601
ViRobot Trojan.Win32.S.Agent.98816.P[h] 20160601
Yandex Trojan.Miep!v8zR5Jnbs2I 20160531
Alibaba 20160601
Antiy-AVL 20160601
Avast 20160601
Bkav 20160601
CAT-QuickHeal 20160601
CMC 20160530
ClamAV 20160601
Cyren 20160601
F-Prot 20160601
Kingsoft 20160601
McAfee-GW-Edition 20160601
SUPERAntiSpyware 20160601
TheHacker 20160601
TrendMicro-HouseCall 20160601
VBA32 20160601
Zillya 20160531
Zoner 20160601
nProtect 20160601
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-01-27 18:36:55
Entry Point 0x0000262E
Number of sections 5
PE sections
PE imports
GetObjectA
SetGraphicsMode
SelectObject
GetDIBits
BitBlt
ModifyWorldTransform
CreateCompatibleDC
CreateCompatibleBitmap
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
GetOEMCP
LCMapStringA
IsDebuggerPresent
HeapAlloc
TlsAlloc
VirtualProtect
LoadLibraryA
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetEnvironmentStrings
GetLocaleInfoA
GetCurrentProcessId
GetCPInfo
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
TlsFree
CreateThread
GetStringTypeA
GetModuleHandleA
SetUnhandledExceptionFilter
WriteFile
GetStartupInfoA
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
TerminateProcess
QueryPerformanceCounter
InterlockedDecrement
WideCharToMultiByte
IsValidCodePage
HeapCreate
VirtualFree
GetEnvironmentStringsW
HeapDestroy
Sleep
GetFileType
GetTickCount
TlsSetValue
ExitProcess
GetCurrentThreadId
InterlockedIncrement
VirtualAlloc
SetLastError
LeaveCriticalSection
GetMessageA
GetMenuInfo
DestroyMenu
CheckMenuRadioItem
LoadBitmapA
AppendMenuA
DispatchMessageA
SetMenu
PeekMessageA
TranslateMessage
GetMenuDefaultItem
GetDC
GetMenuItemID
CheckMenuItem
GetMenu
GetMenuItemRect
DrawMenuBar
EnableMenuItem
DeleteMenu
GetMenuItemCount
LoadAcceleratorsA
GetSubMenu
CopyAcceleratorTableA
GetMenuStringA
ShowCursor
DestroyAcceleratorTable
GetMenuState
GetMenuBarInfo
GetMenuItemInfoA
CreateAcceleratorTableA
IsDialogMessageA
PE exports
Number of PE resources by type
RT_BITMAP 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension dll
TimeStamp 2014:01:27 19:36:55+01:00
FileType Win32 DLL
PEType PE32
CodeSize 43520
LinkerVersion 9.0
EntryPoint 0x262e
InitializedDataSize 57344
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0

File identification
MD5 e9da19440fca6f0747bdee8c7985917f
SHA1 05446c67ff8c0baffa969fc5cc4dd62edcad46f5
SHA256 607f90b36f9a50d01ca31a9c1e5f08063bb9e8d3cf04a92220972c389024f50b
ssdeep 3072:hq6YHl7mcQ5NM3MYy/jMI0aL9FgiEdMnyi+OZVgfO:hq/mnM3MYy/jMI0aL9FgiEdMnyi+OZVh
authentihash 289d647d237410d5be90b84e035a5235436faf31b07c8ec7db68c459684bc017
imphash 05d7ab2296d06ecd366397377fc865de
File size 96.5 KB ( 98816 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags pedll

VirusTotal metadata
First submission 2014-01-28 00:21:23 UTC ( 2 years, 7 months ago )
Last submission 2016-06-01 14:42:10 UTC ( 2 months, 4 weeks ago )
File names e9da19440fca6f0747bdee8c7985917f.kaf
e9da19440fca6f0747bdee8c7985917f
6AA.dmp
vti-rescan
17C.dmp
7B7.dmp