SHA256: 61d773629ffec157951c7792e9d8de849b7eb70c09e8726157170ee5c23edb2e
File name: 61d773629ffec157951c7792e9d8de849b7eb70c09e8726157170ee5c23edb2e
Detection ratio: 8 / 57
Analysis date: 2015-08-26 16:16:08 UTC ( 3 years, 7 months ago )
Antivirus Result Update
Avira (no cloud) TR/Spy.ZBot.413696.3 20150826
AVware Trojan.Win32.Generic!BT 20150826
Bkav HW32.Packed.3673 20150826
ESET-NOD32 Win32/Spy.Zbot.ABW 20150826
Fortinet W32/Zbot.ABW!tr.spy 20150826
Kaspersky Trojan-PSW.Win32.Tepfer.pswwck 20150826
Sophos AV Mal/Generic-S 20150826
VIPRE Trojan.Win32.Generic!BT 20150826
Ad-Aware 20150826
AegisLab 20150826
Yandex 20150826
AhnLab-V3 20150826
Alibaba 20150826
ALYac 20150826
Antiy-AVL 20150826
Arcabit 20150826
Avast 20150826
AVG 20150826
Baidu-International 20150826
BitDefender 20150826
ByteHero 20150826
CAT-QuickHeal 20150826
ClamAV 20150826
CMC 20150826
Comodo 20150826
Cyren 20150826
DrWeb 20150826
Emsisoft 20150826
F-Prot 20150826
F-Secure 20150826
GData 20150826
Ikarus 20150826
Jiangmin 20150823
K7AntiVirus 20150826
K7GW 20150826
Kingsoft 20150826
Malwarebytes 20150826
McAfee 20150826
McAfee-GW-Edition 20150826
Microsoft 20150825
eScan 20150826
NANO-Antivirus 20150826
nProtect 20150826
Panda 20150826
Qihoo-360 20150826
Rising 20150826
SUPERAntiSpyware 20150826
Symantec 20150826
Tencent 20150826
TheHacker 20150824
TotalDefense 20150826
TrendMicro 20150826
TrendMicro-HouseCall 20150826
VBA32 20150826
ViRobot 20150826
Zillya 20150826
Zoner 20150826
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2006-11-10 14:22:16
Entry Point 0x0005C6BC
Number of sections 4
PE sections
PE imports
GetDriveTypeW
GetConsoleOutputCP
FileTimeToSystemTime
GetComputerNameA
GetFileAttributesA
GetDriveTypeA
FindNextFileA
HeapDestroy
GetPrivateProfileSectionNamesW
GetHandleInformation
GetLocalTime
FreeEnvironmentStringsA
CreatePipe
HeapReAlloc
FileTimeToDosDateTime
GetConsoleMode
GetLocaleInfoA
EnumSystemLocalesW
GetLogicalDrives
FreeEnvironmentStringsW
GetStringTypeExW
GetLocaleInfoW
EnumResourceLanguagesW
GetFileTime
FindResourceExA
GetCPInfo
GetOverlappedResult
GetStringTypeA
GetDiskFreeSpaceW
GetTempPathW
FormatMessageW
GetSystemTimeAsFileTime
EnumResourceLanguagesA
GetThreadTimes
GetDiskFreeSpaceA
GetStringTypeW
GetThreadPriority
GetExitCodeProcess
GetProfileIntW
ConnectNamedPipe
GetLogicalDriveStringsA
GetEnvironmentVariableA
GlobalHandle
GetLogicalDriveStringsW
FindClose
FormatMessageA
GetFullPathNameW
GetStringTypeExA
GetEnvironmentVariableW
GetSystemTime
GlobalFindAtomW
GetUserDefaultLangID
FindAtomA
GetModuleFileNameW
Beep
GlobalFindAtomA
ExitProcess
CreateFileW
GetSystemDefaultLCID
FlushViewOfFile
GetVersionExA
GetVolumeInformationA
GetPrivateProfileStringA
GetUserDefaultLCID
GetVolumeInformationW
LoadLibraryExW
FatalAppExitA
FoldStringW
FlushInstructionCache
GetPrivateProfileStringW
CreateMutexA
GlobalAddAtomW
CreateSemaphoreA
GetSystemDirectoryW
EnumResourceNamesW
DisconnectNamedPipe
GetExitCodeThread
GlobalAddAtomA
CreateSemaphoreW
ConvertDefaultLocale
GetCurrentProcess
ClearCommError
GetSystemDirectoryA
GetThreadSelectorEntry
GetDiskFreeSpaceExA
GetVersion
GetNumberFormatA
GetCommState
GetDiskFreeSpaceExW
GetCurrentThreadId
GetNumberFormatW
AreFileApisANSI
HeapFree
EnterCriticalSection
GetTimeZoneInformation
GetLastError
GetVersionExW
FreeLibrary
GetTickCount
FlushFileBuffers
FindFirstFileA
ExitThread
CopyFileW
GlobalSize
GetStartupInfoA
GetDateFormatA
DosDateTimeToFileTime
GetWindowsDirectoryW
GlobalGetAtomNameW
AddAtomA
GetPrivateProfileIntA
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetDateFormatW
GetPriorityClass
CreateDirectoryW
DeleteFileW
GlobalLock
GetConsoleScreenBufferInfo
AddAtomW
GetProcessHeap
GetTempFileNameW
CreateFileMappingW
GetProfileStringW
GlobalReAlloc
ExpandEnvironmentStringsW
FindNextFileW
GetProfileStringA
GetTimeFormatA
FreeConsole
CreateFileMappingA
FindFirstFileW
GlobalMemoryStatus
DuplicateHandle
ExpandEnvironmentStringsA
GetBinaryTypeA
EscapeCommFunction
GetPrivateProfileSectionW
GetPrivateProfileIntW
GetProcessAffinityMask
CreateEventW
CreateNamedPipeW
CreateEventA
GetNumberOfConsoleInputEvents
GetFileType
CreateFileA
HeapAlloc
DefineDosDeviceW
FlushConsoleInputBuffer
GlobalDeleteAtom
GetShortPathNameW
FindFirstChangeNotificationA
GetSystemInfo
VerLanguageNameW
GlobalFree
GetConsoleCP
GlobalGetAtomNameA
GetThreadLocale
GetEnvironmentStringsW
GetTempPathA
CreateNamedPipeA
GetShortPathNameA
FindFirstChangeNotificationW
GetQueuedCompletionStatus
GetAtomNameA
GetEnvironmentStrings
CompareFileTime
CreateIoCompletionPort
GetCurrentDirectoryA
HeapSize
GetCommandLineA
CancelIo
GetCurrentThread
GetSystemDefaultLangID
GetModuleHandleA
GlobalFlags
DeleteAtom
CloseHandle
EnumSystemLocalesA
GetACP
CopyFileA
GetModuleHandleW
FreeResource
GetFileAttributesExW
GetCurrentDirectoryW
HeapCreate
FindResourceW
CreateProcessW
GetFileAttributesExA
GetProcessVersion
GetProcessTimes
FindResourceA
GetOEMCP
CompareStringA
_except_handler3
_acmdln
__p__fmode
_adjust_fdiv
__p__commode
_controlfp
exit
_XcptFilter
__getmainargs
_initterm
_exit
__setusermatherr
__set_app_type
RasHangUpW
RasGetConnectStatusW
RasRenameEntryW
RasEnumEntriesW
RasCreatePhonebookEntryW
RasDialW
RasDeleteEntryW
RasEnumDevicesA
RasValidateEntryNameW
RasGetErrorStringA
RasGetConnectStatusA
RasGetCountryInfoW
RasSetEntryPropertiesW
RasGetProjectionInfoA
RasHangUpA
RasDialA
RasGetEntryDialParamsW
RedrawWindow
GetMessagePos
SendNotifyMessageA
SetMenuItemBitmaps
LoadBitmapW
DrawAnimatedRects
DestroyMenu
PostQuitMessage
SetWindowPos
DdeCreateStringHandleA
IsWindow
ScreenToClient
OpenIcon
SetMenuItemInfoA
GrayStringA
SetDlgItemInt
GetClassLongA
SetClassLongA
CharUpperBuffW
ScrollDC
VkKeyScanW
SetMenuItemInfoW
SetActiveWindow
GetMenuItemID
ChangeClipboardChain
GetAsyncKeyState
DrawTextA
DdeInitializeA
GetDlgCtrlID
wvsprintfA
GetMenu
DefFrameProcA
SetThreadDesktop
ToAscii
PackDDElParam
DrawTextW
LoadImageW
GetNextDlgTabItem
InSendMessage
CallNextHookEx
LoadAcceleratorsA
GetWindowTextLengthA
MsgWaitForMultipleObjectsEx
CopyAcceleratorTableA
GetTopWindow
ShowCursor
GetSubMenu
RegisterClipboardFormatW
PostThreadMessageW
LockWindowUpdate
GetWindowTextLengthW
MsgWaitForMultipleObjects
GetActiveWindow
GetWindowTextA
InvalidateRgn
DestroyWindow
IsRectEmpty
SystemParametersInfoA
GetUpdateRgn
GetPropW
SendNotifyMessageW
SetClassLongW
CheckRadioButton
CreateCaret
GetCaretPos
SetPropW
GetMenuState
PeekMessageW
TranslateMDISysAccel
InsertMenuItemW
SetWindowPlacement
LoadImageA
GetDlgItemTextA
GetClipboardFormatNameW
EnumDisplaySettingsW
ChildWindowFromPoint
GetClipboardData
TranslateMessage
IsWindowEnabled
ReuseDDElParam
DestroyCaret
GetDlgItemInt
SetMenuDefaultItem
CharNextExA
LoadStringA
GetQueueStatus
GetMenuStringW
OpenDesktopW
CharLowerA
LoadStringW
CloseWindow
DrawMenuBar
OemToCharBuffA
EnableMenuItem
RegisterClassA
TrackPopupMenuEx
DrawFocusRect
SetTimer
OemToCharA
ShowOwnedPopups
FillRect
SetWindowContextHelpId
DeferWindowPos
GetDialogBaseUnits
DdeConnect
EqualRect
CreateWindowExW
GetWindowLongW
GetGUIThreadInfo
CreateAcceleratorTableA
MapWindowPoints
CharPrevA
MapVirtualKeyA
PostMessageA
DefMDIChildProcW
GetScrollPos
KillTimer
MapVirtualKeyW
CharPrevW
DefMDIChildProcA
CheckMenuRadioItem
SetClipboardViewer
ToUnicodeEx
GetSystemMetrics
SetWindowLongW
SetScrollRange
GetWindowRect
InflateRect
SetCapture
DrawIcon
IntersectRect
CharLowerW
SetWindowLongA
SetProcessWindowStation
SendDlgItemMessageW
WaitMessage
SetWindowTextA
ShowCaret
GetWindowLongA
GetClassLongW
GetLastActivePopup
PtInRect
DrawIconEx
GetMessageTime
SetWindowTextW
GetDCEx
DdeGetLastError
GetMenuCheckMarkDimensions
BringWindowToTop
SetDlgItemTextW
ClientToScreen
CloseWindowStation
InsertMenuA
LoadCursorA
LoadIconA
SetWindowsHookExA
DialogBoxIndirectParamW
GetMenuStringA
SetParent
IsDlgButtonChecked
DestroyAcceleratorTable
CreateIconFromResourceEx
IsDialogMessageW
LoadCursorW
LoadIconW
FindWindowExW
InsertMenuW
SetForegroundWindow
NotifyWinEvent
DefDlgProcA
DialogBoxIndirectParamA
WindowFromDC
GetCursorPos
GetCaretBlinkTime
CreateDialogIndirectParamW
CharLowerBuffW
DrawTextExW
EndDialog
LoadMenuA
HideCaret
CharNextA
CreateDialogIndirectParamA
FindWindowA
MessageBeep
LoadMenuW
DrawTextExA
RemoveMenu
wvsprintfW
GetSysColorBrush
AppendMenuA
RegisterClassExW
UnhookWindowsHookEx
SetDlgItemTextA
MessageBoxIndirectA
MoveWindow
DestroyCursor
AdjustWindowRectEx
DialogBoxParamA
LoadKeyboardLayoutA
MessageBoxIndirectW
GetSysColor
SendMessageCallbackW
SetScrollInfo
IsCharAlphaNumericA
DestroyIcon
WinHelpW
CharToOemA
SystemParametersInfoW
WinHelpA
FrameRect
DeleteMenu
DdeUninitialize
SendMessageA
GetClassNameW
UnregisterClassW
DefDlgProcW
CharLowerBuffA
ModifyMenuW
CallWindowProcA
IsMenu
CreateMenu
EnableWindow
CloseClipboard
CheckMenuItem
ModifyMenuA
GetKeyboardType
ReplyMessage
SetCursor
FtpRemoveDirectoryW
HttpOpenRequestA
InternetGoOnline
HttpEndRequestW
CreateUrlCacheEntryA
CreateUrlCacheEntryW
FtpRemoveDirectoryA
SetUrlCacheEntryGroup
RetrieveUrlCacheEntryFileW
HttpEndRequestA
HttpSendRequestExA
HttpOpenRequestW
CreateUrlCacheGroup
InternetReadFileExA
GopherOpenFileA
SetUrlCacheEntryInfoW
InternetCloseHandle
RetrieveUrlCacheEntryStreamA
InternetReadFileExW
InternetQueryOptionA
InternetDial
InternetSetOptionExA
InternetGetLastResponseInfoW
GetUrlCacheEntryInfoW
InternetFindNextFileW
InternetLockRequestFile
ReadUrlCacheEntryStream
GopherOpenFileW
InternetCheckConnectionA
GopherCreateLocatorA
FindFirstUrlCacheEntryExA
InternetCheckConnectionW
HttpAddRequestHeadersW
InternetQueryOptionW
GopherGetAttributeA
FtpPutFileA
FindNextUrlCacheEntryExW
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
FtpGetCurrentDirectoryW
InternetOpenUrlW
FtpRenameFileA
FtpRenameFileW
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH JAMAICA 3
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 0.255.184.56
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 1507328
EntryPoint 0x5c6bc
OriginalFileName Morphologically.exe
MIMEType application/octet-stream
LegalCopyright Copyright 1939
FileVersion 0.0.0.0
TimeStamp 2006:11:10 15:22:16+01:00
FileType Win32 EXE
PEType PE32
InternalName Materialists
FileDescription Remands
OSVersion 4.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName SoftPerfect Research
CodeSize 376832
ProductName Lacerations Regularise
ProductVersionNumber 0.69.110.175
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 9cc65bd103b35ee3f7525338e242e82b
SHA1 898ebd61956720e6596897960b640b6ebafb85da
SHA256 61d773629ffec157951c7792e9d8de849b7eb70c09e8726157170ee5c23edb2e
ssdeep 12288:RSKjfh7fAk0G3dni1TVf4Prop/9sIIV7:0KjfRIOi1TVW0t/
authentihash a622ea26fd012d90a7fbf1db9c2297a798a3f4d0888288074003eaba6aaff977
imphash 1195f0bc6c5690cc06b8b85cafbc61e4
File size 404.0 KB ( 413696 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2015-08-26 16:16:08 UTC ( 3 years, 7 months ago )
Last submission 2015-08-26 16:16:08 UTC ( 3 years, 7 months ago )
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Code injections in the following processes
Opened mutexes
Opened service managers
Runtime DLLs