SHA256: 6923d833ae1c44171b73284951c204aa313ae6b8148f8506a2a7a153168f0f50
File name: b7ef64e11486e9a3e6331daa20c4a211
Detection ratio: 32 / 55
Analysis date: 2014-11-18 18:32:24 UTC ( 3 years, 6 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Adware.Kazy.432610 20141118
AhnLab-V3 PUP/Win32.LoadMoney 20141118
Avast Win32:LoadMoney-JU [PUP] 20141118
AVG Win32/Cryptor 20141118
Avira (no cloud) APPL/Downloader.Gen7 20141118
AVware Trojan.Win32.Generic.pak!cobra 20141118
BitDefender Gen:Variant.Adware.Kazy.432610 20141118
Bkav HW32.Packed.1E16 20141118
ClamAV Win.Adware.Agent-29651 20141118
Comodo Application.Win32.LoadMoney.XST 20141118
DrWeb Trojan.LoadMoney.364 20141118
Emsisoft Gen:Variant.Adware.Kazy.432610 (B) 20141118
ESET-NOD32 a variant of Win32/Adware.LoadMoney.AAB 20141118
F-Prot W32/A-2a66eaec!Eldorado 20141118
F-Secure Gen:Variant.Adware.Kazy.432610 20141118
Fortinet W32/Kryptik.CPAR!tr 20141118
GData Gen:Variant.Adware.Kazy.432610 20141118
K7AntiVirus Trojan ( 7000000f1 ) 20141118
K7GW Unwanted-Program ( 0040f98d1 ) 20141118
Kaspersky not-a-virus:Downloader.Win32.Plocust.nkql 20141118
Malwarebytes PUP.Optional.LoadMoney 20141118
McAfee Packed-CQ 20141118
McAfee-GW-Edition BehavesLike.Win32.Adware.gh 20141118
Microsoft TrojanDownloader:Win32/Ogimant.gen!C 20141118
eScan Gen:Variant.Adware.Kazy.432610 20141118
NANO-Antivirus Trojan.Win32.LoadMoney.dimimj 20141118
Norman Kryptik.CDIC 20141118
Panda Trj/Genetic.gen 20141118
Rising PE:Malware.XPACK-HIE/Heur!1.9C48 20141117
Symantec WS.Reputation.1 20141118
VBA32 Malware-Cryptor.Limpopo 20141118
VIPRE Trojan.Win32.Generic.pak!cobra 20141118
AegisLab 20141118
Yandex 20141118
Antiy-AVL 20141118
Baidu-International 20141107
ByteHero 20141118
CAT-QuickHeal 20141118
CMC 20141118
Cyren 20141118
Ikarus 20141118
Jiangmin 20141117
Kingsoft 20141118
nProtect 20141118
Qihoo-360 20141118
Sophos AV 20141118
SUPERAntiSpyware 20141118
Tencent 20141118
TheHacker 20141117
TotalDefense 20141118
TrendMicro 20141118
TrendMicro-HouseCall 20141118
ViRobot 20141118
Zillya 20141117
Zoner 20141118
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright 998 Ma8-20no0rk Ruichssiv
Publisher Slsysernaint
Product ternals Desin wbugvieSy
Original name fdjuu5we.exe
Internal name rnaStels Deut Viebug sinOuertpw
File version 4.76
Description AllowMultipleInstances
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x000014EB
Number of sections 6
PE sections
PE imports
WmiNotificationRegistrationA
FlushTraceA
EncryptFileA
LsaCreateTrustedDomain
WriteEncryptedFileRaw
LogonUserW
LookupPrivilegeDisplayNameW
GetInheritanceSourceW
RegEnumKeyW
AddUsersToEncryptedFile
BuildTrusteeWithObjectsAndNameA
RegOpenKeyA
CryptSignHashA
FreeEncryptionCertificateHashList
RegEnumKeyA
GetAclInformation
RemoveUsersFromEncryptedFile
LsaEnumerateAccountRights
IsValidSecurityDescriptor
StartServiceW
ImageList_Duplicate
FlatSB_SetScrollProp
InitializeFlatSB
ImageList_DragMove
DllGetVersion
DestroyPropertySheetPage
ImageList_Merge
FlatSB_GetScrollRange
DrawStatusTextA
CreatePropertySheetPageA
ImageList_EndDrag
UninitializeFlatSB
PrintDlgExW
WantArrows
GetOpenFileNameW
GetFileTitleW
ReplaceTextA
PrintDlgW
dwLBSubclass
GetSaveFileNameA
ChooseFontA
dwOKSubclass
SetMetaRgn
GetCharABCWidthsFloatW
CreatePen
STROBJ_bGetAdvanceWidths
GetGraphicsMode
GetObjectType
EnumFontFamiliesW
SetWorldTransform
QueryFontAssocStatus
GetFontResourceInfoW
GetMiterLimit
DescribePixelFormat
SelectClipPath
MoveToEx
GetDIBits
FloodFill
GdiFlush
EndPage
ArcTo
GdiPlayDCScript
Pie
GdiQueryTable
EngStrokeAndFillPath
CopyFileW
Heap32ListFirst
GetNamedPipeInfo
ReleaseMutex
FindFirstChangeNotificationA
FileTimeToDosDateTime
SetThreadPriorityBoost
FindVolumeClose
GetNamedPipeHandleStateA
CreateJobObjectW
GetHandleInformation
HeapDestroy
DeleteTimerQueueEx
SetFileTime
BuildCommDCBW
FindFirstVolumeMountPointA
GetEnvironmentStringsW
FindNextVolumeW
UpdateResourceA
GetVolumePathNamesForVolumeNameW
EnumCalendarInfoA
GetConsoleInputWaitHandle
GetCPInfoExW
CreateActCtxW
OpenSemaphoreA
FindAtomA
ProcessIdToSessionId
GetProcessHeaps
VerifyVersionInfoA
EnumSystemLocalesW
RegisterWowExec
FatalAppExitA
GetLogicalDrives
SetHandleCount
GetCompressedFileSizeA
WaitForMultipleObjects
SetCommTimeouts
GetSystemPowerStatus
DeleteAtom
CancelIo
EnumCalendarInfoW
GetProfileStringW
GetConsoleKeyboardLayoutNameW
GlobalAddAtomW
WideCharToMultiByte
DeleteVolumeMountPointW
HeapUnlock
FindFirstFileExA
WriteConsoleOutputCharacterA
SetNamedPipeHandleState
SetUnhandledExceptionFilter
SetProcessWorkingSetSize
GetAtomNameW
CloseHandle
FindVolumeMountPointClose
ReleaseActCtx
GetDiskFreeSpaceA
HeapLock
GetGeoInfoW
PulseEvent
GetLongPathNameW
GetConsoleSelectionInfo
SetThreadContext
MoveFileA
GetPrivateProfileIntW
FindCloseChangeNotification
CreateDirectoryExA
AllocateUserPhysicalPages
InterlockedCompareExchange
SetCommConfig
LoadResource
GetAtomNameA
RtlMoveMemory
VirtualQueryEx
GetConsoleDisplayMode
GetPrivateProfileStringW
SetVolumeLabelA
OpenJobObjectW
HeapValidate
GetVersion
GetHandleContext
CancelWaitableTimer
SetLastError
WriteTapemark
OleUninitialize
OleSetClipboard
CLIPFORMAT_UserFree
CoRegisterSurrogate
HPALETTE_UserFree
OleCreateMenuDescriptor
OleRegEnumVerbs
CoRevokeClassObject
CLSIDFromOle1Class
WriteOleStg
CoGetTreatAsClass
OleGetClipboard
PropVariantChangeType
CoGetInterceptor
IsValidPtrOut
VarInt
VarUI1FromR8
VarFormatCurrency
SafeArrayPtrOfIndex
DosDateTimeToVariantTime
VarCyFromR8
VarR8FromI8
VarBstrFromR4
CreateTypeLib2
VarDecFromR8
VarI4FromCy
DragQueryFileW
SHQueryRecycleBinW
SHBindToParent
PrintersGetCommand_RunDLL
SHFormatDrive
StrChrW
SHGetIconOverlayIndexA
SHHelpShortcuts_RunDLLA
StrChrIW
SHGetDesktopFolder
Control_RunDLLW
SHCreateShellItem
SHBrowseForFolder
StrStrIW
SHGetFolderPathAndSubDirA
SHGetDiskFreeSpaceExW
DragQueryFileAorW
StrCmpNW
DllGetClassObject
Options_RunDLL
PrintersGetCommand_RunDLLA
PrintersGetCommand_RunDLLW
Control_RunDLL
PathIsContentTypeW
SHSetValueW
UrlCombineW
SHRegEnumUSKeyA
SHEnumValueW
StrChrIW
UrlGetPartA
SHOpenRegStreamA
SHAutoComplete
SHRegGetBoolUSValueA
StrFromTimeIntervalA
SHRegSetUSValueW
SHRegQueryUSValueW
PathSkipRootA
PathMatchSpecW
StrPBrkA
PathRemoveBlanksA
UrlIsW
PathFindFileNameA
PathBuildRootW
SHRegQueryInfoUSKeyA
StrRetToStrW
PathIsSameRootA
RedrawWindow
ChangeDisplaySettingsW
GetMessagePos
ShowStartGlass
CharPrevA
EnumWindowStationsA
MessageBoxTimeoutW
EnumDesktopsW
BroadcastSystemMessageW
LoadBitmapA
GrayStringW
EndPaint
OpenIcon
SetMenuItemInfoA
SetActiveWindow
GetCursorPos
DrawTextA
GetClipCursor
GetMenu
DlgDirSelectExA
AnyPopup
GetClientRect
ToAscii
CharLowerBuffA
GetNextDlgTabItem
CharPrevExA
LoadImageW
BlockInput
GetTopWindow
UnhookWindowsHook
GetWindowTextW
LoadImageA
LoadAcceleratorsW
GetActiveWindow
DrawEdge
ShowCursor
GetUserObjectInformationW
GetKeyNameTextW
GetCursorInfo
SetMenuInfo
DrawFrameControl
GetNextDlgGroupItem
SetWindowWord
SetWindowsHookA
PeekMessageW
CharUpperW
ShowWindowAsync
LoadIconW
ChildWindowFromPoint
TranslateMessage
GetDlgItemTextW
GetTabbedTextExtentW
PaintDesktop
SetParent
BroadcastSystemMessageExW
ScrollWindow
GetWindowPlacement
DrawMenuBar
TabbedTextOutA
EnumPropsA
CreateMenu
OemToCharA
ShowOwnedPopups
FlashWindow
CreateAcceleratorTableW
ExitWindowsEx
RealChildWindowFromPoint
GetUpdateRect
GetUserObjectSecurity
IsChild
MapWindowPoints
SendNotifyMessageA
MapVirtualKeyA
PostMessageA
SetCaretPos
SetLastErrorEx
TrackMouseEvent
ClipCursor
SetMenuContextHelpId
SetClipboardViewer
SendDlgItemMessageA
GetWindowRect
SetCapture
DrawIcon
CharLowerW
SetKeyboardState
InvalidateRect
CreatePopupMenu
GetClassLongW
SetWindowTextW
GetProcessWindowStation
CloseWindowStation
LoadCursorA
DialogBoxIndirectParamW
GetSystemMenu
DrawCaptionTempW
EmptyClipboard
GetCaretBlinkTime
GetScrollRange
GetScrollInfo
LoadMenuA
SetWindowContextHelpId
PrivateExtractIconsA
GetCaretPos
DrawTextExA
wvsprintfW
ScrollChildren
MenuWindowProcA
SetMenu
MessageBoxIndirectA
LoadCursorFromFileA
LoadKeyboardLayoutW
RealGetWindowClassW
GetAltTabInfoA
CreateMDIWindowA
GetLastInputInfo
GetAltTabInfoW
wsprintfA
DragObject
UnregisterDeviceNotification
IsMenu
GetFocus
VerLanguageNameA
VerQueryValueW
VerLanguageNameW
VerFindFileA
GetFileVersionInfoW
GetFileVersionInfoSizeW
FlushPrinter
ConnectToPrinterDlg
DeletePrinter
StartPagePrinter
FindFirstPrinterChangeNotification
ConfigurePortW
StartDocDlgW
ADVANCEDSETUPDIALOG
WaitForPrinterChange
DocumentEvent
EnumPrinterDataA
SetJobW
EnumPrinterDataExA
FindClosePrinterChangeNotification
AddPortW
GetPrinterDataA
OpenPrinterA
DeletePrinterDataA
EnumFormsA
WSANtohl
WSAEnumNameSpaceProvidersA
WSAAsyncGetHostByName
WSAEnumProtocolsA
inet_addr
WSAWaitForMultipleEvents
gethostbyaddr
WSCGetProviderPath
WSARemoveServiceClass
WSACancelAsyncRequest
ntohs
WSCWriteNameSpaceOrder
WSACreateEvent
WSALookupServiceNextW
listen
WTSVirtualChannelPurgeInput
WTSCloseServer
WTSSendMessageW
WTSEnumerateServersW
WTSVirtualChannelRead
WTSEnumerateProcessesW
WTSQuerySessionInformationW
WTSLogoffSession
WTSEnumerateProcessesA
WTSOpenServerW
WTSVirtualChannelQuery
IdentifyCodeAuthzLevelW
WmiNotificationRegistrationW
MD5Update
AccessCheckByType
RegCreateKeyExA
DeleteService
RegSetValueW
CredReadA
EqualPrefixSid
QueryServiceConfig2A
CloseEventLog
UpdateTraceA
ObjectDeleteAuditAlarmW
WmiQueryAllDataA
RegisterEventSourceA
NotifyBootConfigStatus
BuildExplicitAccessWithNameA
CryptAcquireContextA
LsaGetQuotasForAccount
AccessCheckAndAuditAlarmW
ElfDeregisterEventSource
WmiQuerySingleInstanceMultipleW
CredWriteW
GetNamedSecurityInfoExW
WmiDevInstToInstanceNameA
LogonUserExA
LsaFreeMemory
RevertToSelf
GetServiceDisplayNameW
MD4Update
OpenSCManagerW
GetOldestEventLogRecord
GetTraceLoggerHandle
GetSecurityDescriptorRMControl
ImageList_BeginDrag
ImageList_SetBkColor
FlatSB_SetScrollInfo
FlatSB_GetScrollRange
GetEffectiveClientRect
CreateStatusWindow
ImageList_DragMove
UninitializeFlatSB
FlatSB_ShowScrollBar
DestroyPropertySheetPage
ImageList_SetOverlayImage
ImageList_Destroy
PropertySheet
ImageList_GetIconSize
CreateToolbar
DrawStatusTextA
FlatSB_SetScrollPos
ImageList_AddIcon
ImageList_Add
ImageList_Duplicate
InitCommonControlsEx
ImageList_LoadImageA
CreatePropertySheetPageW
CreatePropertySheetPageA
ImageList_Copy
FlatSB_EnableScrollBar
ImageList_EndDrag
PrintDlgA
PrintDlgExW
WantArrows
dwLBSubclass
GetOpenFileNameW
ReplaceTextA
ChooseFontW
PageSetupDlgA
GetFileTitleA
ChooseColorA
ReplaceTextW
PrintDlgW
LoadAlterBitmap
PageSetupDlgW
GetSaveFileNameA
ChooseFontA
dwOKSubclass
GetEnhMetaFileA
GdiFixUpHandle
CreatePen
STROBJ_bGetAdvanceWidths
GdiGetSpoolMessage
LPtoDP
CombineRgn
GetObjectType
GetCharABCWidthsI
SetMagicColors
GetBrushOrgEx
GetCharacterPlacementW
SetPaletteEntries
CreateBitmapIndirect
CopyEnhMetaFileA
GdiConvertBitmapV5
GetLogColorSpaceA
GetCurrentObject
StartFormPage
GetNearestColor
CreateDIBitmap
GdiResetDCEMF
PtVisible
SelectClipRgn
StrokeAndFillPath
CreateFontW
FlattenPath
AnyLinkedFonts
XFORMOBJ_bApplyXform
GetCharWidth32W
GetOutlineTextMetricsW
EngCreateSemaphore
GetKerningPairs
CreateFontIndirectExW
FONTOBJ_vGetInfo
GetStdHandle
GetDriveTypeW
GetConsoleOutputCP
CreateTimerQueue
GetCommandLineW
GetPrivateProfileStructW
GetConsoleMode
LocalAlloc
lstrcatA
UnhandledExceptionFilter
lstrcat
OpenFileMappingA
GetVolumePathNamesForVolumeNameA
GetConsoleProcessList
EnumResourceLanguagesW
FindActCtxSectionStringA
GetDiskFreeSpaceW
EndUpdateResourceW
GetTempPathW
GetSystemTimeAsFileTime
SetComputerNameA
WriteConsoleOutputW
lstrcmp
FormatMessageW
TransmitCommChar
GetExitCodeProcess
BeginUpdateResourceW
LoadResource
AllocConsole
EnumSystemGeoID
FormatMessageA
OutputDebugStringA
WritePrivateProfileStringW
ReadConsoleInputExA
GetExpandedNameA
GetSystemTime
GetEnvironmentVariableA
CopyFileW
VerifyConsoleIoHandle
CancelTimerQueueTimer
HeapAlloc
FlushViewOfFile
GetConsoleFontSize
FillConsoleOutputCharacterW
FoldStringA
SetProcessWorkingSetSize
InvalidateConsoleDIBits
CopyLZFile
GetVolumeInformationW
FatalAppExitA
SetFilePointerEx
DeleteTimerQueue
GetVolumeNameForVolumeMountPointA
SetCalendarInfoA
SetEnvironmentVariableW
GetSystemDefaultUILanguage
EnumSystemLanguageGroupsA
GlobalAddAtomA
ConvertDefaultLocale
IsProcessorFeaturePresent
SetEnvironmentVariableA
ReadConsoleA
WaitForMultipleObjectsEx
FindCloseChangeNotification
lstrcpyn
BackupSeek
InterlockedIncrement
SetCurrentDirectoryA
CallNamedPipeW
InitializeCriticalSectionAndSpinCount
MapViewOfFileEx
RequestDeviceWakeup
FindVolumeClose
CreateMailslotW
GetOEMCP
CreateJobSet
DisableThreadLibraryCalls
CallNamedPipeA
FlushFileBuffers
GlobalUnfix
GlobalSize
GetProcessIoCounters
CreateDirectoryA
GetDateFormatW
RegisterWowExec
BackupWrite
GlobalLock
AddAtomW
GetNumberOfConsoleFonts
GetComputerNameW
lstrcpyW
CloseProfileUserMapping
LZCopy
FindFirstFileExA
FindFirstFileA
CreateHardLinkW
FreeConsole
CreateFileMappingA
FindFirstFileW
lstrcmpW
LZCloseFile
LoadLibraryA
GetBinaryTypeA
GlobalAlloc
lstrcmpi
ReadDirectoryChangesW
GetCurrencyFormatA
ConsoleMenuControl
GetPrivateProfileSectionA
CreateFileA
RemoveVectoredExceptionHandler
OpenJobObjectA
GlobalGetAtomNameW
FlushConsoleInputBuffer
LCMapStringW
GetShortPathNameW
GetSystemInfo
GetEnvironmentStringsA
GetProcessTimes
SetProcessShutdownParameters
GlobalUnlock
VirtualQuery
DefineDosDeviceW
GetConsoleInputExeNameW
GetAtomNameA
PrivMoveFileIdentityW
BuildCommDCBAndTimeoutsA
GetCompressedFileSizeW
MapUserPhysicalPages
GetCurrentDirectoryA
ClearCommBreak
QueryActCtxW
GetCurrentActCtx
GetCurrentThread
lstrcpynW
GetSystemDefaultLangID
ReleaseSemaphore
GetModuleHandleA
WriteFileEx
FatalAppExitW
RtlCaptureContext
DeleteVolumeMountPointA
GetSystemTimeAdjustment
GetEnvironmentStrings
SetCommConfig
CompareFileTime
OpenEventW
SleepEx
CreateProcessW
LocalHandle
GetDefaultCommConfigA
HDC_UserUnmarshal
OleLockRunning
OleCreateMenuDescriptor
CoQueryClientBlanket
StgConvertPropertyToVariant
CoGetMarshalSizeMax
CoGetDefaultContext
PropStgNameToFmtId
CoGetStdMarshalEx
CLSIDFromOle1Class
MonikerRelativePathTo
OleRegGetUserType
OleCreateEx
SNB_UserUnmarshal
CreatePointerMoniker
CoRegisterSurrogate
OleCreateLink
CoUninitialize
OleCreateStaticFromData
CoLockObjectExternal
ReadFmtUserTypeStg
HDC_UserFree
CoCopyProxy
OleLoad
CoRevokeMallocSpy
StgCreatePropSetStg
SNB_UserMarshal
HBITMAP_UserFree
ReadOleStg
HBITMAP_UserSize
HMETAFILE_UserUnmarshal
CoCreateInstanceEx
OleRun
PropVariantCopy
CoIsHandlerConnected
CoGetInstanceFromIStorage
CoGetObjectContext
CreateDataAdviseHolder
CoSetState
OleCreateDefaultHandler
OleSaveToStream
CoFileTimeToDosDateTime
CoGetContextToken
StgCreatePropStg
HWND_UserSize
MkParseDisplayName
CoDisableCallCancellation
VarDecFromUI4
VarBoolFromR8
VarI2FromDec
VarDecFromUI8
VarDateFromDisp
VarI4FromI1
DispGetIDsOfNames
VariantInit
VarUI8FromBool
CreateDispTypeInfo
VarBstrFromI8
SafeArrayUnaccessData
VarUI4FromI1
VarBoolFromStr
VarIdiv
VarI1FromI4
VarFormatCurrency
VarUI4FromDate
VarMod
VarCyFromStr
VarUI8FromUI1
GetVarConversionLocaleSetting
VarI4FromUI1
VarI1FromR8
VarI4FromUI4
VarUI1FromDec
VarUI1FromR8
LPSAFEARRAY_Marshal
VarDiv
VarDateFromStr
VarI2FromUI8
VarI8FromDisp
VarUI1FromDisp
DragQueryFileW
SHGetUnreadMailCountW
ExtractAssociatedIconExW
SHChangeNotify
DllUnregisterServer
ExtractAssociatedIconExA
StrRChrA
StrCmpNIA
SHFileOperation
ExtractIconW
SHCreateProcessAsUserW
SHLoadNonloadedIconOverlayIdentifiers
SHCreateShellItem
SHInvokePrinterCommandW
SHGetIconOverlayIndexA
StrRChrIW
StrNCmpW
ExtractIconEx
SheChangeDirA
StrChrA
SHGetIconOverlayIndexW
ShellAboutW
ShellExecuteExW
SHGetDataFromIDListA
SHEnableServiceObject
DragQueryFile
SHGetDesktopFolder
SHGetDiskFreeSpaceExA
SHGetSpecialFolderPathA
SHEmptyRecycleBinW
SHGetFolderPathAndSubDirA
StrChrW
StrRStrW
SHAddToRecentDocs
FindExecutableA
AppCompat_RunDLLW
DoEnvironmentSubstA
StrRStrIA
SHGetInstanceExplorer
SHBrowseForFolderA
SHAppBarMessage
SHInvokePrinterCommandA
StrRStrIW
ShellExecuteA
DoEnvironmentSubstW
PathFindExtensionA
PathUndecorateW
StrCpyNW
StrNCatW
SHCopyKeyW
SHRegGetUSValueW
PathFindExtensionW
UrlEscapeA
PathIsRootW
UrlUnescapeW
PathIsLFNFileSpecA
PathCombineA
UrlUnescapeA
SHOpenRegStreamA
PathCombineW
PathRelativePathToW
UrlHashW
SHRegSetUSValueA
StrRetToBSTR
PathIsRootA
StrCpyW
StrToInt64ExA
SHRegQueryUSValueW
UrlHashA
SHRegEnumUSValueW
PathIsDirectoryEmptyA
SHReleaseThreadRef
UrlIsOpaqueA
PathAddExtensionA
SHQueryValueExA
PathFindFileNameW
SHSetThreadRef
PathRemoveBlanksA
IntlStrEqWorkerA
PathQuoteSpacesW
PathMatchSpecA
StrStrW
StrPBrkW
SHRegWriteUSValueW
MapWindowPoints
ChangeDisplaySettingsW
RegisterClipboardFormatA
EnumWindowStationsA
MessageBoxTimeoutW
MoveWindow
EnableScrollBar
ChangeDisplaySettingsA
SetSystemCursor
MessageBoxTimeoutA
GetClipboardViewer
GrayStringW
SetDeskWallpaper
WindowFromPoint
OemToCharBuffW
CascadeWindows
GetMessageTime
OpenWindowStationA
GetDC
GetCursorPos
GetDlgCtrlID
GetClipCursor
DlgDirSelectExA
EndMenu
AnyPopup
DefFrameProcA
LoadCursorFromFileW
GetMenuItemInfoW
SetMenuDefaultItem
PostThreadMessageW
SetScrollPos
LoadAcceleratorsA
CopyAcceleratorTableA
AlignRects
GetActiveWindow
ShowCursor
GetUpdateRgn
MapVirtualKeyExW
EnumClipboardFormats
GetWindowTextA
InvalidateRgn
DestroyMenu
DestroyWindow
GetMessageA
ClipCursor
IsCharAlphaNumericA
SetWindowsHookW
RegisterWindowMessageA
CallMsgFilterA
SetMenuContextHelpId
GetUserObjectInformationA
GetClassInfoExA
ShowWindow
GetCaretPos
SetWindowsHookA
ValidateRect
PeekMessageW
CharUpperW
GetClipboardFormatNameW
GetDlgItemTextW
GetMenuDefaultItem
GetDlgItemInt
CharNextExA
BroadcastSystemMessageExW
OpenDesktopW
EnumDisplaySettingsExA
GetWindowPlacement
LoadStringW
RegisterClassA
OpenDesktopA
GetScrollPos
GetSubMenu
CreateMenu
LoadKeyboardLayoutEx
IsDialogMessageW
FillRect
EnumThreadWindows
EnumPropsW
ToUnicode
GetWindowRgnBox
GetUpdateRect
GetGUIThreadInfo
CharToOemA
DrawMenuBarTemp
SetFocus
SendNotifyMessageA
GetMonitorInfoW
DrawAnimatedRects
GetClassWord
PostMessageA
BeginPaint
SetCaretPos
SetLastErrorEx
KillTimer
MapVirtualKeyW
GetClipboardOwner
CharPrevW
DefWindowProcA
ArrangeIconicWindows
SetDebugErrorLevel
GetSystemMetrics
GetWindowRect
InflateRect
InvertRect
IsDialogMessage
SetCapture
IsMenu
RegisterDeviceNotificationW
GetProcessWindowStation
GetAltTabInfoW
SetDlgItemTextA
GetCursor
CreateDialogParamW
RemovePropA
CreatePopupMenu
ShowCaret
GetWindowLongA
GetDCEx
GetDlgItem
RemovePropW
BringWindowToTop
SendInput
SetKeyboardState
CloseWindowStation
IsCharUpperA
FindWindowExA
LoadCursorA
LoadIconA
DialogBoxIndirectParamW
GetMenuStringA
TileChildWindows
GetMenuState
SetWindowsHookExW
GetSystemMenu
SetDoubleClickTime
SetForegroundWindow
DrawCaption
DrawCaptionTempW
DialogBoxIndirectParamA
SetSystemMenu
GetCaretBlinkTime
EndDialog
LoadMenuA
PrivateExtractIconsW
FindWindowW
WaitMessage
GetShellWindow
SetClassLongA
RemoveMenu
ShowScrollBar
MessageBoxW
RegisterClassExW
SendMessageCallbackA
SetRectEmpty
SetDlgItemInt
MessageBoxA
ChangeMenuW
GetWindowDC
AdjustWindowRectEx
SetUserObjectInformationW
CreateIcon
SetScrollInfo
CopyImage
SystemParametersInfoA
SetSysColors
DestroyIcon
EnumDisplayMonitors
GetAltTabInfoA
OemKeyScan
TileWindows
SubtractRect
SetCursorPos
SystemParametersInfoW
GetLastInputInfo
MonitorFromWindow
FrameRect
DeleteMenu
GetKeyNameTextW
CharNextW
GetClassNameW
DlgDirSelectExW
DefDlgProcW
DefDlgProcA
ModifyMenuW
CallWindowProcA
GetClassNameA
GetFocus
MenuWindowProcA
GetAncestor
ActivateKeyboardLayout
VerLanguageNameA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW
VerFindFileW
VerLanguageNameW
VerFindFileA
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerInstallFileW
VerQueryValueA
FtpCreateDirectoryA
FtpCreateDirectoryW
DocumentPropertiesW
SetPrinterA
ADVANCEDSETUPDIALOG
GetPrinterDataA
AddPrinterDriverExA
ConvertAnsiDevModeToUnicodeDevmode
GetSpoolFileHandle
AddJobW
QueryRemoteFonts
EnumPrinterDataExA
DeletePrinterConnectionA
QuerySpoolMode
EnumPrinterDataA
ConfigurePortA
GetDefaultPrinterA
ClosePrinter
DeletePrinterIC
DEVICEMODE
DeletePrinterDriverA
GetFormA
SplDriverUnloadComplete
EnumJobsA
EnumPrinterDataW
FlushPrinter
DeletePortA
EnumMonitorsA
AbortPrinter
GetPrinterDriverDirectoryA
EnumPrinterKeyW
SeekPrinter
ExtDeviceMode
StartDocPrinterW
AddPrintProvidorA
EnumPrintersW
EndDocPrinter
AdvancedDocumentPropertiesA
AddFormW
WSASocketA
htonl
WSAConnect
WSAInstallServiceClassA
WSARecvFrom
WSASendDisconnect
WSARecv
WSAInstallServiceClassW
freeaddrinfo
WSASend
WPUCompleteOverlappedRequest
WSAAddressToStringA
WSCEnumProtocols
getpeername
WSAGetLastError
WSASetBlockingHook
gethostname
WSAAccept
WSAGetServiceClassNameByClassIdA
WSACloseEvent
ntohl
WSAWaitForMultipleEvents
ntohs
WSAHtonl
WSALookupServiceEnd
WSAGetServiceClassInfoA
WSASetServiceW
WSARecvDisconnect
listen
WSANtohl
WSAUnhookBlockingHook
WSALookupServiceNextA
WSASetLastError
WSCWriteNameSpaceOrder
closesocket
WSAIoctl
WSANtohs
WSAEnumNameSpaceProvidersA
setsockopt
WSALookupServiceBeginW
bind
WSAIsBlocking
getprotobyname
WSCWriteProviderOrder
connect
WTSEnumerateSessionsA
WTSQueryUserConfigW
WTSSetSessionInformationA
WTSCloseServer
WTSQuerySessionInformationA
WTSSendMessageA
WTSTerminateProcess
WTSVirtualChannelRead
WTSVirtualChannelClose
WTSRegisterSessionNotification
WTSLogoffSession
WTSEnumerateSessionsW
WTSUnRegisterSessionNotification
WTSQueryUserConfigA
WTSOpenServerW
WTSVirtualChannelOpen
WTSDisconnectSession
WTSEnumerateServersA
Number of PE resources by type
RT_ICON 3
RT_GROUP_ICON 1
RT_VERSION 1
RT_RCDATA 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 6
RUSSIAN 1
PE resources
ExifTool file metadata
SubsystemVersion 4.0
InitializedDataSize 62976
ImageVersion 0.0
ProductName ternals Desin wbugvieSy
FileVersionNumber 4.76.0.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 2.25
OriginalFilename fdjuu5we.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 4.76
TimeStamp 1992:06:19 23:22:17+01:00
FileType Win32 EXE
PEType PE32
InternalName rnaStels Deut Viebug sinOuertpw
FileAccessDate 2014:11:18 19:33:23+01:00
ProductVersion 4.76
FileDescription AllowMultipleInstances
OSVersion 4.0
FileCreateDate 2014:11:18 19:33:23+01:00
FileOS Windows NT 32-bit
LegalCopyright 998 Ma8-20no0rk Ruichssiv
MachineType Intel 386 or later, and compatibles
CompanyName Slsysernaint
CodeSize 425472
FileSubtype 0
ProductVersionNumber 4.76.0.0
EntryPoint 0x14eb
ObjectFileType Executable application
File identification
MD5 b7ef64e11486e9a3e6331daa20c4a211
SHA1 a0b1d705d4d38995b89f84c7e0df85289e67630b
SHA256 6923d833ae1c44171b73284951c204aa313ae6b8148f8506a2a7a153168f0f50
ssdeep 6144:g1cfUQmC3Gk7UGtZ2KjoZvsEEw0LPMyO8lkNRlDu6lvJuGOnEFfwBYygiE:DUMv1L2/YrANry6dYGOnEFfX
authentihash 1c2ce9a00000948586788bd41e6bf9dcebb3a38c9f2c33e802383b337aa439e7
imphash 92137fa5cbbdd04da8d66f0d1fb2d156
File size 478.0 KB ( 489472 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable Delphi generic (32.6%)
Windows Screen Saver (29.1%)
Win32 Dynamic Link Library (generic) (14.6%)
Win32 Executable (generic) (10.0%)
Win16/32 Executable Delphi generic (4.6%)
Tags peexe
VirusTotal metadata
First submission 2014-11-18 18:32:24 UTC ( 3 years, 6 months ago )
Last submission 2014-11-18 18:32:24 UTC ( 3 years, 6 months ago )
File names rnaStels Deut Viebug sinOuertpw
b7ef64e11486e9a3e6331daa20c4a211
fdjuu5we.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
HTTP requests
DNS requests
TCP connections