SHA256: 607f90b36f9a50d01ca31a9c1e5f08063bb9e8d3cf04a92220972c389024f50b
File name: e9da19440fca6f0747bdee8c7985917f
Detection ratio: 35 / 54
Analysis date: 2016-01-18 07:58:06 UTC ( 4 months, 1 week ago )
Antivirus Result Update
ALYac Gen:Variant.Graftor.129295 20160118
AVG PSW.Generic12.ZCC 20160118
Ad-Aware Gen:Variant.Graftor.129295 20160118
Yandex Trojan.Miep!v8zR5Jnbs2I 20160117
AhnLab-V3 Trojan/Win32.Lurk 20160117
Arcabit Trojan.Graftor.D1F90F 20160118
Avira (no cloud) TR/Rogue.1522253 20160117
Baidu-International Trojan.Win32.Lurk.aeh 20160117
BitDefender Gen:Variant.Graftor.129295 20160118
Comodo UnclassifiedMalware 20160118
DrWeb Trojan.Siggen6.8376 20160118
ESET-NOD32 Win32/Miep.B 20160118
Emsisoft Gen:Variant.Graftor.129295 (B) 20160118
F-Secure Gen:Variant.Graftor.129295 20160118
Fortinet W32/Miep.B!tr 20160118
GData Gen:Variant.Graftor.129295 20160118
Ikarus Trojan.Miep 20160118
Jiangmin Trojan/Miep.a 20160118
K7AntiVirus Trojan ( 004948401 ) 20160118
K7GW Trojan ( 004948401 ) 20160118
Kaspersky Trojan-Spy.Win32.Lurk.aeh 20160118
Malwarebytes Trojan.Agent.ED 20160118
McAfee Generic.dx!E9DA19440FCA 20160118
McAfee-GW-Edition Generic.dx!E9DA19440FCA 20160118
eScan Gen:Variant.Graftor.129295 20160118
Microsoft TrojanSpy:Win32/Lurk 20160118
NANO-Antivirus Trojan.Win32.Lurk.cwnrcb 20160118
Panda Generic Malware 20160117
Qihoo-360 Win32/Trojan.Spy.581 20160118
Rising PE:Malware.Generic/QRS!1.9E2D [F] 20160118
Sophos Mal/Generic-S 20160118
Symantec Trojan.Filurkes 20160117
Tencent Win32.Trojan-spy.Lurk.Anpq 20160118
VIPRE Trojan.Win32.Generic!BT 20160118
ViRobot Trojan.Win32.S.Agent.98816.P[h] 20160118
AegisLab 20160118
Alibaba 20160118
Antiy-AVL 20160118
Avast 20160121
Bkav 20160118
ByteHero 20160118
CAT-QuickHeal 20160118
CMC 20160111
ClamAV 20160118
Cyren 20160118
F-Prot 20160118
SUPERAntiSpyware 20160117
TheHacker 20160116
TrendMicro 20160118
TrendMicro-HouseCall 20160118
VBA32 20160117
Zillya 20160117
Zoner 20160118
nProtect 20160115
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-01-27 18:36:55
Entry Point 0x0000262E
Number of sections 5
PE sections
PE imports
GetObjectA
SetGraphicsMode
SelectObject
GetDIBits
BitBlt
ModifyWorldTransform
CreateCompatibleDC
CreateCompatibleBitmap
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
GetOEMCP
LCMapStringA
IsDebuggerPresent
HeapAlloc
TlsAlloc
VirtualProtect
LoadLibraryA
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetEnvironmentStrings
GetLocaleInfoA
GetCurrentProcessId
GetCPInfo
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
TlsFree
CreateThread
GetStringTypeA
GetModuleHandleA
SetUnhandledExceptionFilter
WriteFile
GetStartupInfoA
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
TerminateProcess
QueryPerformanceCounter
InterlockedDecrement
WideCharToMultiByte
IsValidCodePage
HeapCreate
VirtualFree
GetEnvironmentStringsW
HeapDestroy
Sleep
GetFileType
GetTickCount
TlsSetValue
ExitProcess
GetCurrentThreadId
InterlockedIncrement
VirtualAlloc
SetLastError
LeaveCriticalSection
GetMessageA
GetMenuInfo
DestroyMenu
CheckMenuRadioItem
LoadBitmapA
AppendMenuA
DispatchMessageA
SetMenu
PeekMessageA
TranslateMessage
GetMenuDefaultItem
GetDC
GetMenuItemID
CheckMenuItem
GetMenu
GetMenuItemRect
DrawMenuBar
EnableMenuItem
DeleteMenu
GetMenuItemCount
LoadAcceleratorsA
GetSubMenu
CopyAcceleratorTableA
GetMenuStringA
ShowCursor
DestroyAcceleratorTable
GetMenuState
GetMenuBarInfo
GetMenuItemInfoA
CreateAcceleratorTableA
IsDialogMessageA
PE exports
Number of PE resources by type
RT_BITMAP 1
Number of PE resources by language
ENGLISH US 1
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension dll
TimeStamp 2014:01:27 19:36:55+01:00
FileType Win32 DLL
PEType PE32
CodeSize 43520
LinkerVersion 9.0
EntryPoint 0x262e
InitializedDataSize 57344
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0
File identification
MD5 e9da19440fca6f0747bdee8c7985917f
SHA1 05446c67ff8c0baffa969fc5cc4dd62edcad46f5
SHA256 607f90b36f9a50d01ca31a9c1e5f08063bb9e8d3cf04a92220972c389024f50b
ssdeep 3072:hq6YHl7mcQ5NM3MYy/jMI0aL9FgiEdMnyi+OZVgfO:hq/mnM3MYy/jMI0aL9FgiEdMnyi+OZVh
authentihash 289d647d237410d5be90b84e035a5235436faf31b07c8ec7db68c459684bc017
imphash 05d7ab2296d06ecd366397377fc865de
File size 96.5 KB ( 98816 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags pedll
VirusTotal metadata
First submission 2014-01-28 00:21:23 UTC ( 2 years, 4 months ago )
Last submission 2016-01-18 07:58:06 UTC ( 4 months, 1 week ago )
File names e9da19440fca6f0747bdee8c7985917f.kaf
e9da19440fca6f0747bdee8c7985917f
6AA.dmp
vti-rescan
17C.dmp
7B7.dmp