SHA256: 694a88405285225c5fe27a6fcc6e13fc1f375a3c33cc20fa0dc000705233d13e
File name: dllcache.exe
Detection ratio: 33 / 41
Analysis date: 2009-07-27 19:21:25 UTC (8 years, 2 months ago)
Antivirus Result Update
a-squared Riskware.Win32.Injector!IK 20090727
AhnLab-V3 Win-Trojan/Agent2.48640.B 20090727
AntiVir TR/Crypt.ZPACK.Gen 20090727
Avast Win32:Inject-SW 20090726
AVG BackDoor.Generic11.UTM 20090727
BitDefender Trojan.Generic.2039970 20090727
CAT-QuickHeal Trojan.Agent.ATV 20090727
ClamAV Trojan.Agent-118608 20090727
Comodo TrojWare.Win32.Trojan.Agent.Gen 20090727
DrWeb BackDoor.Siggen.205 20090727
eSafe Win32.TRCrypt.ZPACK 20090727
eTrust-Vet Win32/CInject.BJ 20090727
F-Secure Trojan.Win32.Agent2.cfwc 20090727
Fortinet W32/Inject.HI!tr 20090727
GData Trojan.Generic.2039970 20090727
Ikarus VirTool.Win32.Injector 20090727
Jiangmin Trojan/Agent.ctwc 20090727
Kaspersky Trojan.Win32.Agent2.cfwc 20090727
McAfee BackDoor-DOQ.gen.e 20090727
McAfee+Artemis BackDoor-DOQ.gen.e 20090727
McAfee-GW-Edition Trojan.Crypt.ZPACK.Gen 20090727
Microsoft VirTool:Win32/Injector.gen!B 20090727
Norman W32/Smalldoor.EHPR 20090727
Panda W32/Sdbot.MBD.worm 20090727
Prevx High Risk Cloaked Malware 20090727
Rising Trojan.Spy.Win32.Undef.kz 20090727
Sophos AV Troj/Inject-HI 20090727
Sunbelt Bulk Trojan 20090726
Symantec Trojan Horse 20090727
TheHacker Trojan/Agent2.cfwc 20090726
TrendMicro WORM_CFWC.C 20090727
VBA32 Trojan.Win32.Agent2.cfwc 20090727
VirusBuster Trojan.Inject.Gen.5 20090727
Antiy-AVL 20090727
Authentium 20090727
F-Prot 20090727
K7AntiVirus 20090727
NOD32 20090727
nProtect 20090727
PCTools 20090727
ViRobot 20090727
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-06-14 21:51:12
Entry Point 0x00002EA6
Number of sections 4
PE sections
PE imports
RegQueryValueExA
RegOpenKeyA
RegCloseKey
GetStartupInfoA
lstrcatA
GetModuleHandleA
OpenProcess
GlobalAlloc
ExitProcess
GetProcAddress
_except_handler3
_acmdln
memset
__p__fmode
_adjust_fdiv
__setusermatherr
__p__commode
strcat
free
_controlfp
strcpy
exit
_XcptFilter
__getmainargs
calloc
_exit
strlen
_initterm
__set_app_type
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2009:06:14 22:51:12+01:00
FileType Win32 EXE
PEType PE32
CodeSize 8704
LinkerVersion 6.0
FileTypeExtension exe
InitializedDataSize 2048
SubsystemVersion 4.0
EntryPoint 0x2ea6
OSVersion 4.0
ImageVersion 0.0
UninitializedDataSize 0

File identification
MD5 c5cc7291d72adfc96a489fc93d35a0cd
SHA1 32b868012ff11ce6a26ddc1277f885dfe6b84f5e
SHA256 694a88405285225c5fe27a6fcc6e13fc1f375a3c33cc20fa0dc000705233d13e
ssdeep 768:P9rJkd7oPZdDlO8h1QMnqZ76nT6TawvXtrlW+gjuLx7x8B4AE+L:3kRmhln1hqeTQM+gjuIE+L

authentihash 2b102ba5f40de92bca6b7a903f17b8554e68bac4e86684fcf804db5554aad606
imphash 9ce1a72c514ac6a70b8792e2883e4154
File size 47.5 KB ( 48640 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.4%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags peexe

VirusTotal metadata
First submission 2009-06-15 19:11:22 UTC ( 8 years, 4 months ago )
Last submission 2016-01-19 13:15:48 UTC ( 1 year, 9 months ago )
File names Xcun.png
dllcache.exe
aa
10.scr
Behaviour characterization