SHA256: 63e03626766825b7e4af5f14a64579806e49e6ada56e9e8d19f61acd8ca2d419
File name: d31545132b256c10738a2583bc101730
Detection ratio: 18 / 55
Analysis date: 2014-08-27 08:23:46 UTC ( 4 years, 6 months ago )
Antivirus Result Update
AntiVir TR/PSW.Zbot.18043 20140827
Avast Win32:Malware-gen 20140827
AVG Crypt3.ALJK 20140827
AVware Trojan.Win32.Generic!BT 20140827
CMC Packed.Win32.Ransom-Crypter.1!O 20140825
DrWeb Trojan.PWS.Panda.7630 20140827
ESET-NOD32 Win32/Spy.Zbot.ACB 20140827
Kaspersky Trojan-Spy.Win32.Zbot.txgw 20140827
Kingsoft Win32.Troj.Generic.a.(kcloud) 20140827
Malwarebytes Spyware.Zbot.FWED 20140827
McAfee Artemis!D31545132B25 20140827
Microsoft PWS:Win32/Zbot 20140827
NANO-Antivirus Trojan.Win32.Panda.deejrf 20140827
Qihoo-360 HEUR/Malware.QVM20.Gen 20140827
Sophos AV Mal/Generic-S 20140827
Symantec WS.Reputation.1 20140827
Tencent Win32.Trojan-spy.Zbot.Wnvp 20140827
VIPRE Trojan.Win32.Generic!BT 20140827
Ad-Aware 20140827
AegisLab 20140827
Yandex 20140826
AhnLab-V3 20140826
Antiy-AVL 20140827
Baidu-International 20140827
BitDefender 20140827
Bkav 20140826
ByteHero 20140827
CAT-QuickHeal 20140827
ClamAV 20140826
Commtouch 20140827
Comodo 20140827
Emsisoft 20140827
F-Prot 20140827
F-Secure 20140827
Fortinet 20140827
GData 20140827
Ikarus 20140827
Jiangmin 20140826
K7AntiVirus 20140826
K7GW 20140826
McAfee-GW-Edition 20140827
eScan 20140827
Norman 20140827
nProtect 20140826
Panda 20140826
Rising 20140826
SUPERAntiSpyware 20140827
TheHacker 20140826
TotalDefense 20140826
TrendMicro 20140827
TrendMicro-HouseCall 20140827
VBA32 20140826
ViRobot 20140827
Zillya 20140826
Zoner 20140826
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2012
Publisher Oracle Corporation
Product Java(TM) Platform SE 7 U4
Original name javacpl.exe
Internal name Java(TM) Control Panel
File version 10.4.0.20
Description Java(TM) Control Panel
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-08-25 07:06:47
Entry Point 0x000014E0
Number of sections 4
PE imports
RegOpenKeyExA
RegQueryValueExA
GetEnhMetaFileA
SetMetaRgn
DeleteEnhMetaFile
CreateHalftonePalette
SaveDC
GetTextCharset
GetROP2
GetObjectType
CreateMetaFileW
DeleteDC
GetMapMode
CreatePatternBrush
GetDCBrushColor
GetPolyFillMode
AbortPath
GdiFlush
CreateCompatibleDC
SwapBuffers
CloseEnhMetaFile
CloseFigure
SelectObject
CancelDC
GetStretchBltMode
BeginPath
DeleteObject
GetLastError
VirtualAllocEx
lstrlenA
LoadLibraryW
GetDriveTypeA
QueryPerformanceCounter
GetTickCount
LoadLibraryA
GetCurrentProcess
GetCurrentProcessId
GetCommandLineW
UnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
GetFileAttributesA
GetModuleHandleA
InterlockedExchange
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetModuleHandleW
TerminateProcess
Sleep
GetCurrentThreadId
GetOpenClipboardWindow
GetParent
DestroyMenu
GetClipboardData
GetSysColorBrush
GetSystemMetrics
SetWindowLongW
DestroyIcon
ReleaseCapture
LoadCursorFromFileA
GetProcessWindowStation
IsGUIThread
IsMenu
GetWindowDC
GetMenuCheckMarkDimensions
GetMessageTime
CharLowerW
VkKeyScanW
CharUpperA
SendMessageW
GetClipboardViewer
GetDC
GetCursor
GetSysColor
GetKeyState
GetMenu
GetLastActivePopup
OemKeyScan
AnyPopup
IsWindowVisible
SendMessageA
IsWindowEnabled
GetDlgItem
DrawMenuBar
LoadCursorFromFileW
EnableMenuItem
InSendMessage
IsClipboardFormatAvailable
CreateMenu
LoadIconA
CountClipboardFormats
GetWindowTextLengthW
GetActiveWindow
GetDesktopWindow
LoadIconW
GetFocus
GetTopWindow
CharNextW
GetKeyboardType
WindowFromDC
timeGetTime
_amsg_exit
__wgetmainargs
__p__fmode
_unlock
_exit
__p__commode
_lock
__dllonexit
_cexit
_onexit
exit
_XcptFilter
_initterm
__setusermatherr
__set_app_type
_controlfp
_wcmdln
CoInitializeEx
CoCreateInstance
CoUninitialize
Number of PE resources by type
RT_ICON 12
RT_MANIFEST 1
RT_STRING 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 16
ExifTool file metadata
UninitializedDataSize 0
FileDescription Java(TM) Control Panel
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 10.4.0.20
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FullVersion 10.4.0.20
CharacterSet Unicode
InitializedDataSize 53248
EntryPoint 0x14e0
OriginalFileName javacpl.exe
MIMEType application/octet-stream
LegalCopyright Copyright 2012
FileVersion 10.4.0.20
TimeStamp 2014:08:25 08:06:47+01:00
FileType Win32 EXE
PEType PE32
InternalName Java(TM) Control Panel
ProductVersion 7.0.40.20
SubsystemVersion 5.0
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Oracle Corporation
CodeSize 425472
ProductName Java(TM) Platform SE 7 U4
ProductVersionNumber 7.0.40.20
FileTypeExtension exe
ObjectFileType Dynamic link library
File identification
MD5 d31545132b256c10738a2583bc101730
SHA1 11ea95156d97699a520dca60ebb03452dd4b447b
SHA256 63e03626766825b7e4af5f14a64579806e49e6ada56e9e8d19f61acd8ca2d419
ssdeep 3072:8eHVSHpQATQHCkexkVMhEH+eI7C205WXYfhM0K7iZLbHeEyCzyRHrm9anUMNQ6aD:r1ETSexkV7HDIGbu4MDUeEyNLmUUB2S
authentihash 47d787c137fd47023a6aabe781b5467fa886f44d59981af3d66b899bde6299bd
imphash f862b138b04a8558518967f6c9f73b98
File size 468.0 KB ( 479232 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe
VirusTotal metadata
First submission 2014-08-27 08:23:46 UTC ( 4 years, 6 months ago )
Last submission 2014-08-27 08:23:46 UTC ( 4 years, 6 months ago )
File names Java(TM) Control Panel
javacpl.exe
d31545132b256c10738a2583bc101730
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Created mutexes
Opened mutexes
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
HTTP requests
DNS requests
TCP connections
UDP communications