SHA256: 651c15aaf87756d2f764190562a89687716b90fe3b7ff40140c4285a7a5ba6e4
File name: eb86a34b50b3f779caa14320bbc133e0
Detection ratio: 25 / 57
Analysis date: 2015-08-27 17:05:38 UTC ( 3 years, 6 months ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.2675654 20150827
ALYac Trojan.GenericKD.2675654 20150827
Arcabit Trojan.Generic.D28D3C6 20150827
Avast Win32:Malware-gen 20150827
AVG Zbot.AGFV 20150827
Avira (no cloud) TR/Crypt.ZPACK.177279 20150827
AVware Trojan.Win32.Generic!BT 20150827
BitDefender Trojan.GenericKD.2675654 20150827
Bkav HW32.Packed.E675 20150826
Emsisoft Trojan.GenericKD.2675654 (B) 20150827
ESET-NOD32 Win32/Spy.Zbot.ABW 20150827
F-Secure Trojan.GenericKD.2675654 20150827
Fortinet W32/Zbot.ABW!tr.spy 20150827
GData Trojan.GenericKD.2675654 20150827
Kaspersky Trojan-PSW.Win32.Tepfer.pswwar 20150827
Malwarebytes Trojan.Ranver.ED 20150827
McAfee Artemis!EB86A34B50B3 20150827
McAfee-GW-Edition BehavesLike.Win32.BadFile.fc 20150827
Microsoft Trojan:Win32/Skeeyah.A!bit 20150827
eScan Trojan.GenericKD.2675654 20150827
nProtect Trojan.GenericKD.2675654 20150827
Panda Generic Suspicious 20150827
Qihoo-360 Win32/Trojan.PSW.388 20150827
Sophos AV Mal/Generic-S 20150827
VIPRE Trojan.Win32.Generic!BT 20150827
AegisLab 20150827
Yandex 20150826
AhnLab-V3 20150827
Alibaba 20150827
Antiy-AVL 20150827
Baidu-International 20150827
ByteHero 20150827
CAT-QuickHeal 20150827
ClamAV 20150827
CMC 20150827
Comodo 20150827
Cyren 20150827
DrWeb 20150827
F-Prot 20150827
Ikarus 20150827
Jiangmin 20150826
K7AntiVirus 20150827
K7GW 20150827
Kingsoft 20150827
NANO-Antivirus 20150827
Rising 20150826
SUPERAntiSpyware 20150826
Symantec 20150826
Tencent 20150827
TheHacker 20150826
TotalDefense 20150827
TrendMicro 20150827
TrendMicro-HouseCall 20150827
VBA32 20150827
ViRobot 20150827
Zillya 20150827
Zoner 20150827
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-05-08 06:14:58
Entry Point 0x00057C70
Number of sections 4
PE sections
PE imports
Number of PE resources by type
RT_ICON 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH JAMAICA 4
PE resources
ExifTool file metadata
UninitializedDataSize 0
InitializedDataSize 2158592
ImageVersion 0.0
ProductName Scrolls Piers
FileVersionNumber 0.136.15.211
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription Spacecraft
CharacterSet Unicode
LinkerVersion 6.0
FileTypeExtension exe
OriginalFileName Shrinkage.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 0.0.0.0
TimeStamp 2004:05:08 07:14:58+01:00
FileType Win32 EXE
PEType PE32
InternalName Powerhouse
SubsystemVersion 4.0
OSVersion 4.0
FileOS Windows NT 32-bit
LegalCopyright Copyright 2039
MachineType Intel 386 or later, and compatibles
CompanyName Western Digital Technologies, Inc.
CodeSize 360448
FileSubtype 0
ProductVersionNumber 0.199.49.30
EntryPoint 0x57c70
ObjectFileType Executable application

File identification
MD5 eb86a34b50b3f779caa14320bbc133e0
SHA1 d27e697623bd6a4ec53f16758e4021c1e4d5db0f
SHA256 651c15aaf87756d2f764190562a89687716b90fe3b7ff40140c4285a7a5ba6e4
ssdeep 12288:OgiABKWK0n0S7ZyW75Dr8cOetYPK+QWlxl:oA3F0S7ZyW75ccOIYnQWlxl
authentihash b428081d6f3b2dc96ec54178df44313fa6d89b0375c8129c6b50d3072a08ff76
imphash a17106f4fff13bf22e641553a45453c7
File size 396.0 KB ( 405504 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags peexe
VirusTotal metadata
First submission 2015-08-27 17:05:38 UTC ( 3 years, 6 months ago )
Last submission 2018-05-15 00:08:51 UTC ( 10 months, 1 week ago )
File names xLKl5.wbs
eb86a34b50b3f779caa14320bbc133e0.virobj
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Code injections in the following processes
Opened mutexes
Opened service managers
Runtime DLLs