SHA256: 67d190e878826a40631d4f01ddb2545697c689b018f4d634ea131feed507d6fb
File name: a5.exe
Detection ratio: 19 / 56
Analysis date: 2014-12-11 15:06:41 UTC ( 4 years, 5 months ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.2020802 20141211
AhnLab-V3 Trojan/Win32.MDA 20141211
Avast Win32:Dropper-gen [Drp] 20141211
AVG Downloader.Small.MOX 20141211
BitDefender Trojan.GenericKD.2020802 20141211
Emsisoft Trojan.GenericKD.2020802 (B) 20141211
ESET-NOD32 Win32/TrojanDownloader.Wauchos.AF 20141211
F-Secure Trojan.GenericKD.2020802 20141211
GData Trojan.GenericKD.2020802 20141211
Ikarus Backdoor.Win32.Androm 20141211
Kaspersky Backdoor.Win32.Androm.fqeu 20141211
Malwarebytes Trojan.MSIL.BVXGen 20141211
McAfee-GW-Edition BehavesLike.Win32.Backdoor.qh 20141211
eScan Trojan.GenericKD.2020802 20141211
nProtect Trojan.GenericKD.2020802 20141211
Panda Generic Suspicious 20141211
Qihoo-360 HEUR/QVM03.0.Malware.Gen 20141211
Sophos AV Mal/Generic-S 20141211
TrendMicro-HouseCall Suspicious_GEN.F47V1210 20141211
AegisLab 20141211
Yandex 20141211
ALYac 20141211
Antiy-AVL 20141211
Avira (no cloud) 20141211
AVware 20141211
Baidu-International 20141211
Bkav 20141210
ByteHero 20141211
CAT-QuickHeal 20141210
ClamAV 20141211
CMC 20141211
Comodo 20141211
Cyren 20141211
DrWeb 20141211
F-Prot 20141211
Fortinet 20141210
Jiangmin 20141210
K7AntiVirus 20141211
K7GW 20141211
Kingsoft 20141211
McAfee 20141211
Microsoft 20141211
NANO-Antivirus 20141211
Norman 20141211
Rising 20141210
SUPERAntiSpyware 20141211
Symantec 20141211
Tencent 20141211
TheHacker 20141208
TotalDefense 20141211
TrendMicro 20141211
VBA32 20141211
VIPRE 20141211
ViRobot 20141211
Zillya 20141210
Zoner 20141210
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Bookmarks All rights reserved Tradesmen
Publisher Bengal Aeronautic Writes
Original name Turbulent.exe
Internal name Turbulent.exe
File version 7.8.8.4
Description Ascending Caster Attributable Centipede Clitoral Unsensational Batteries Aliases Chases Vocationally Badinage Tuareg Castigates Uninsured Workmen Adsorb Caressing
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-12-10 15:46:12
Entry Point 0x0000F50E
Number of sections 3
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 11.0
ImageVersion 0.0
FileVersionNumber 7.8.8.4
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 2048
FileOS Win32
MIMEType application/octet-stream
LegalCopyright Bookmarks All rights reserved Tradesmen
FileVersion 7.8.8.4
TimeStamp 2014:12:10 16:46:12+01:00
FileType Win32 EXE
PEType PE32
InternalName Turbulent.exe
FileAccessDate 2014:12:11 16:01:54+01:00
ProductVersion 7.8.8.4
FileDescription Ascending Caster Attributable Centipede Clitoral Unsensational Batteries Aliases Chases Vocationally Badinage Tuareg Castigates Uninsured Workmen Adsorb Caressing
OSVersion 4.0
FileCreateDate 2014:12:11 16:01:54+01:00
OriginalFilename Turbulent.exe
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Bengal Aeronautic Writes
CodeSize 54784
FileSubtype 0
ProductVersionNumber 7.8.8.4
EntryPoint 0xf50e
ObjectFileType Executable application
AssemblyVersion 7.8.8.9

File identification
MD5 dad834fbe6bfa616ce36718e3486a1df
SHA1 18f1b16486612e44048ef9ab3fede566612416f0
SHA256 67d190e878826a40631d4f01ddb2545697c689b018f4d634ea131feed507d6fb
ssdeep 768:zh1NVhNNSYblUoIoU72vDIkdg9Td5wO+pgdQshLf1i689NZfJzH0t6drYT1:zh1NVhxmno09Tdh5dQwUPAU1YT1
authentihash 37ce11493ccec4770b6b1f6e17ae526a18002c60acaa9269e37320ab0a0f3779
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 56.0 KB ( 57344 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Generic CIL Executable (.NET, Mono, etc.) (82.9%)
Win32 Dynamic Link Library (generic) (7.4%)
Win32 Executable (generic) (5.1%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Tags peexe assembly

VirusTotal metadata
First submission 2014-12-10 18:36:03 UTC ( 4 years, 5 months ago )
Last submission 2014-12-10 18:36:03 UTC ( 4 years, 5 months ago )
File names a5.exe
67D190E878826A40631D4F01DDB2545697C689B018F4D634EA131FEED507D6FB
Turbulent.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight