SHA256: 64ef4ce5a33c735d78836f20fc8c8650d85f4568c9558c43ceeb06eb3cc2a0e7
File name: acdffaccadfdddfadccdfafdffcfdacaacdaaafffacccccdddfccfdcaaad.acdf...
Detection ratio: 44 / 71
Analysis date: 2018-12-28 22:44:03 UTC ( 2 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Zusy.292828 20181228
AhnLab-V3 Trojan/Win32.Agent.R204743 20181228
ALYac Gen:Variant.Zusy.292828 20181228
Antiy-AVL Trojan/Win32.AGeneric 20181228
Arcabit Trojan.Zusy.D477DC 20181228
Avast Win32:Malware-gen 20181228
AVG Win32:Malware-gen 20181228
Avira (no cloud) TR/Crypt.ZPACK.Gen7 20181228
BitDefender Gen:Variant.Zusy.292828 20181228
Bkav HW32.Packed. 20181227
CAT-QuickHeal Trojan.Generic.JH6 20181228
Cyren W32/Bundpil.L.gen!Eldorado 20181228
DrWeb Trojan.Siggen7.25608 20181228
Emsisoft Gen:Variant.Zusy.292828 (B) 20181228
Endgame malicious (high confidence) 20181108
ESET-NOD32 Win32/Bundpil.EG 20181228
F-Prot W32/Bundpil.L.gen!Eldorado 20181228
F-Secure Gen:Variant.Zusy.292828 20181228
Fortinet W32/Generic.AC.3F2805 20181228
GData Gen:Variant.Zusy.292828 20181228
Ikarus Worm.Win32.Bundpil 20181228
Sophos ML heuristic 20181128
Jiangmin Trojan.Generic.bcauf 20181228
K7AntiVirus Trojan ( 005115e21 ) 20181228
K7GW Trojan ( 005115e21 ) 20181228
Kaspersky HEUR:Trojan.Win32.Generic 20181228
Malwarebytes Backdoor.Agent 20181228
MAX malware (ai score=83) 20181228
McAfee GenericRXCE-NK!560C5609BDAD 20181228
McAfee-GW-Edition BehavesLike.Win32.Generic.vh 20181228
eScan Gen:Variant.Zusy.292828 20181228
NANO-Antivirus Trojan.Win32.Agent.eqodap 20181228
Panda Trj/Genetic.gen 20181228
Rising Malware.Heuristic!ET#100% (RDM+:cmRtazq3E40bJDyolIRIeJ+aygvv) 20181228
SentinelOne (Static ML) static engine - malicious 20181223
Symantec SMG.Heur!gen 20181228
Trapmine malicious.high.ml.score 20181205
TrendMicro WORM_BUNDPIL.SMJS1 20181228
TrendMicro-HouseCall WORM_BUNDPIL.SMJS1 20181228
VBA32 Trojan.Tiggre 20181228
ViRobot Trojan.Win32.Agent.6327808 20181228
Webroot W32.Trojan.Gen 20181228
Zillya Worm.Bundpil.Win32.124698 20181228
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20181228
Acronis 20181227
AegisLab 20181228
Alibaba 20180921
Avast-Mobile 20181228
AVware 20180925
Babable 20180918
Baidu 20181207
ClamAV 20181228
CMC 20181228
Comodo 20181228
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181228
eGambit 20181228
Kingsoft 20181228
Microsoft 20181228
Palo Alto Networks (Known Signatures) 20181228
Qihoo-360 20181228
Sophos AV 20181228
SUPERAntiSpyware 20181226
Symantec Mobile Insight 20181225
TACHYON 20181228
Tencent 20181228
TheHacker 20181225
TotalDefense 20181228
Trustlook 20181228
VIPRE 20181228
Yandex 20181227
Zoner 20181228
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-06-28 21:22:43
Entry Point 0x00003CCF
Number of sections 5
PE sections
PE imports
ImageList_Create
ImageList_ReplaceIcon
CreateDCA
SetTextColor
CreateRectRgn
GetStdHandle
GetDriveTypeW
FileTimeToSystemTime
WaitForSingleObject
HeapDestroy
EncodePointer
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetFileInformationByHandle
SetStdHandle
WideCharToMultiByte
FillConsoleOutputCharacterA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetThreadPriority
FindClose
TlsGetValue
GetFullPathNameW
SetLastError
PeekNamedPipe
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
FlushFileBuffers
GetModuleFileNameA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
CreateMutexA
GetModuleHandleA
CreateThread
SetEnvironmentVariableW
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
DecodePointer
SetEnvironmentVariableA
ReadConsoleA
TerminateProcess
VirtualQuery
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
lstrcmpiA
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
GetVersionExA
LoadLibraryA
RtlUnwind
OpenProcess
GetStartupInfoW
GetProcAddress
GetConsoleScreenBufferInfo
GetProcessHeap
CompareStringW
FreeEnvironmentStringsW
lstrcmpA
GetComputerNameA
FindFirstFileExW
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
LCMapStringW
GetConsoleCP
GetEnvironmentStringsW
FileTimeToLocalFileTime
GetCurrentDirectoryW
GetCurrentProcessId
CopyFileExA
GetCPInfo
HeapSize
GetCommandLineA
GetCurrentThread
OpenMutexA
RaiseException
TlsFree
SetFilePointer
ReadFile
CloseHandle
lstrcpynA
GetACP
GetModuleHandleW
LoadLibraryW
IsValidCodePage
HeapCreate
Sleep
VirtualAlloc
PathFindFileNameA
PathRemoveFileSpecW
PathCombineA
GetCursorPos
GetSystemMetrics
LoadCursorA
DestroyIcon
PostMessageA
GetDesktopWindow
LoadIconW
SetRect
DrawCaption
PE exports
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension dll
TimeStamp 2017:06:28 23:22:43+02:00
FileType Win32 DLL
PEType PE32
CodeSize 74752
LinkerVersion 10.0
ImageFileCharacteristics Executable, 32-bit, DLL
EntryPoint 0x3ccf
InitializedDataSize 37888
SubsystemVersion 5.1
ImageVersion 0.0
OSVersion 5.1
UninitializedDataSize 0

File identification
MD5 560c5609bdad5e2a30cbd2a48df2a711
SHA1 f43a9d5bcc997358f93bb4623ae15132023686e9
SHA256 64ef4ce5a33c735d78836f20fc8c8650d85f4568c9558c43ceeb06eb3cc2a0e7
ssdeep 98304:CKFGa4fvXPFI8gw7W2D82v6sx1vF+QbnrjBcK+Zr+aoTO1NaDOfDaALhs6gc:7Ma8Tj7kV34rjE0ON57aADg
authentihash cc124715fcf8965369fba298dcae9b508365e952fb3b857f81c4ad39614f1ad5
imphash 22d1d7f87df6989fe1723087a65f300f
File size 6.8 MB ( 7160832 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags pedll
VirusTotal metadata
First submission 2018-12-28 22:44:03 UTC ( 2 months, 3 weeks ago )
Last submission 2018-12-28 22:44:03 UTC ( 2 months, 3 weeks ago )
File names acdffaccadfdddfadccdfafdffcfdacaacdaaafffacccccdddfccfdcaaad.acdffaccadfdddfadccdfafdffcfdacaacdaaafffacccccdddfccfdcaaad