SHA256: 66e3388a2ceda528c7697fc7b76eda99563a2118cec4c17b7b20d3bf08378655
File name: 203781.exe
Detection ratio: 4 / 65
Analysis date: 2018-05-30 05:16:47 UTC ( 8 months, 3 weeks ago )
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9687 20180530
Cylance Unsafe 20180530
Endgame malicious (moderate confidence) 20180507
Palo Alto Networks (Known Signatures) generic.ml 20180530
Ad-Aware 20180530
AegisLab 20180530
AhnLab-V3 20180529
Alibaba 20180530
ALYac 20180530
Antiy-AVL 20180530
Arcabit 20180530
Avast 20180530
Avast-Mobile 20180530
AVG 20180530
Avira (no cloud) 20180530
AVware 20180530
Babable 20180406
BitDefender 20180530
Bkav 20180529
CAT-QuickHeal 20180529
ClamAV 20180530
CMC 20180529
Comodo 20180530
CrowdStrike Falcon (ML) 20180202
Cybereason None
Cyren 20180530
DrWeb 20180529
eGambit 20180530
Emsisoft 20180529
ESET-NOD32 20180530
F-Prot 20180530
F-Secure 20180530
Fortinet 20180530
GData 20180529
Ikarus 20180529
Sophos ML 20180503
Jiangmin 20180529
K7AntiVirus 20180530
K7GW 20180529
Kaspersky 20180529
Kingsoft 20180530
Malwarebytes 20180530
MAX 20180530
McAfee 20180530
McAfee-GW-Edition 20180530
Microsoft 20180530
eScan 20180530
NANO-Antivirus 20180529
nProtect 20180530
Panda 20180529
Qihoo-360 20180530
Rising 20180530
SentinelOne (Static ML) 20180225
Sophos AV 20180529
SUPERAntiSpyware 20180529
Symantec 20180530
Symantec Mobile Insight 20180525
Tencent 20180530
TheHacker 20180524
TrendMicro 20180530
TrendMicro-HouseCall 20180530
Trustlook 20180530
VBA32 20180529
VIPRE 20180530
ViRobot 20180529
Webroot 20180530
Yandex 20180529
Zillya 20180528
ZoneAlarm by Check Point 20180529
Zoner 20180530
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product Myuntil Kill
Original name Myuntil Kill.exe
File version 13, 6, 5091, 6182
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-05-29 10:23:07
Entry Point 0x0006B956
Number of sections 5
PE sections
PE imports
AdjustTokenPrivileges
CloseServiceHandle
LookupPrivilegeValueA
RegCloseKey
StartServiceCtrlDispatcherA
OpenProcessToken
SetServiceStatus
CreateServiceA
FreeSid
RegQueryValueExA
AllocateAndInitializeSid
InitializeSecurityDescriptor
RegSetValueExA
ControlService
RegEnumKeyA
GetTokenInformation
DeleteService
RegOpenKeyExA
RegisterServiceCtrlHandlerA
GetObjectA
CreateDCA
DeleteDC
CreateSolidBrush
DPtoLP
BitBlt
GetBkColor
DeviceIoControl
InitializeCriticalSectionAndSpinCount
HeapFree
IsProcessorFeaturePresent
EnterCriticalSection
LCMapStringW
FindFirstChangeNotificationA
GetModuleFileNameW
GetLastError
GetConsoleCP
FreeLibrary
QueryPerformanceCounter
IsDebuggerPresent
EncodePointer
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetACP
GetStdHandle
DeleteCriticalSection
GetCurrentProcess
GetStartupInfoW
GetFileType
GetConsoleMode
GetStringTypeW
GetCurrentProcessId
GetCPInfo
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
HeapSize
SetFilePointerEx
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
GetProcessHeap
SetStdHandle
GetTempPathA
RaiseException
WideCharToMultiByte
TlsFree
SetUnhandledExceptionFilter
WriteFile
CloseHandle
GetSystemTimeAsFileTime
GetSystemDirectoryA
HeapReAlloc
DecodePointer
GetModuleHandleW
GetOEMCP
TerminateProcess
GetModuleFileNameA
GetModuleHandleExW
IsValidCodePage
OutputDebugStringW
CreateFileW
TlsGetValue
Sleep
SetLastError
TlsSetValue
HeapAlloc
GetCurrentThreadId
ExitProcess
WriteConsoleW
LeaveCriticalSection
SetupGetSourceFileLocationA
SetupScanFileQueueA
SetupCloseFileQueue
SetupCommitFileQueueA
SetupGetSourceFileSizeA
SetupInstallFilesFromInfSectionA
SetupCloseInfFile
SetupOpenFileQueue
SetupInstallFileExA
SetupOpenInfFileA
SetupDecompressOrCopyFileA
SetupGetInfFileListA
SetupQueryInfOriginalFileInformationA
GetMessageA
CreateWindowExA
IsWindow
LoadIconA
GetMenu
WindowFromPoint
InflateRect
EndDialog
SetMenuItemInfoA
ReleaseCapture
IntersectRect
CallWindowProcA
SetWindowLongA
CloseClipboard
ExitWindowsEx
SetScrollInfo
OleUninitialize
CoSuspendClassObjects
CoInitialize
OleInitialize
OleCreate
CoUninitialize
StgCreateDocfile
Number of PE resources by type
RT_ICON 9
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 12
PE resources
Debug information
ExifTool file metadata
CodeSize 482304
UninitializedDataSize 0
LinkerVersion 12.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 13.6.5091.6182
LanguageCode English (U.S.)
FileFlagsMask 0x0000
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 433152
EntryPoint 0x6b956
OriginalFileName Myuntil Kill.exe
MIMEType application/octet-stream
FileVersion 13, 6, 5091, 6182
TimeStamp 2015:05:29 11:23:07+01:00
FileType Win32 EXE
PEType PE32
ProductVersion 13, 6, 5091, 6182
SubsystemVersion 6.0
OSVersion 6.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Value Stand
LegalTrademarks Myuntil Kill
ProductName Myuntil Kill
ProductVersionNumber 13.6.5091.6182
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 b91092360df199385ac3dc6c3aa8a0e3
SHA1 f635c0fb75b6bb1b4631bed5ecbb403798c4d41d
SHA256 66e3388a2ceda528c7697fc7b76eda99563a2118cec4c17b7b20d3bf08378655
ssdeep 24576:ieyS5InPAxrQapMCLBvOtCh2BADsQg7jOK:OAQuBvOt5ADsQg7jD
authentihash a16b4a8a381a09c7bb95f37633a96862b15047e248adc7de561bf8fb6377cef1
imphash 257ca0ffc6bf62d73f3f050eb6bc000a
File size 830.5 KB ( 850432 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (39.9%)
Win64 Executable (generic) (35.4%)
Win32 Dynamic Link Library (generic) (8.4%)
Win32 Executable (generic) (5.7%)
Win16/32 Executable Delphi generic (2.6%)
Tags peexe
VirusTotal metadata
First submission 2018-05-30 05:16:47 UTC ( 8 months, 3 weeks ago )
Last submission 2018-10-01 10:42:45 UTC ( 4 months, 3 weeks ago )
File names akur5.yarn
akur2.yarn
anopka8.yarn
anopka6.yarn
akur4.yarn
Myuntil Kill.exe
roho.exe
akur1.yarn
crypt_0002_1081d.exe
anopka7.yarn
akur3.yarn
output.113361224.txt
203781.exe
anopka9.yarn
anopka10.yarn
tyko.exe
Advanced heuristic and reputation engines