SHA256: 69571092b47880022e4d5204103577c2ff9ce7dda1e5e0ca5b66fe73c95589e1
File name: uBzyRLJ4FFDzv8.exe
Detection ratio: 17 / 68
Analysis date: 2018-04-10 04:54:00 UTC ( 1 year ago )
Antivirus Result Update
Avast FileRepMalware 20180410
AVG FileRepMalware 20180410
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180409
Bkav HW32.Packed.E461 20180409
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20170201
Cybereason malicious.e8a6e2 20180225
Cylance Unsafe 20180410
eGambit Unsafe.AI_Score_65% 20180410
Endgame malicious (high confidence) 20180403
Sophos ML heuristic 20180121
McAfee Emotet-FGM!DA0C660BEF6A 20180409
McAfee-GW-Edition BehavesLike.Win32.Emotet.nc 20180409
Qihoo-360 HEUR/QVM20.1.6758.Malware.Gen 20180410
Rising Trojan.Cloxer!8.F54F (TFE:4:DgpJXFaoEzJ) 20180409
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/EncPk-ANR 20180409
Symantec ML.Attribute.HighConfidence 20180410
Ad-Aware 20180410
AegisLab 20180409
AhnLab-V3 20180409
Alibaba 20180409
ALYac 20180410
Antiy-AVL 20180410
Arcabit 20180410
Avast-Mobile 20180409
Avira (no cloud) 20180409
AVware 20180410
BitDefender 20180410
CAT-QuickHeal 20180409
ClamAV 20180410
CMC 20180409
Comodo 20180410
Cyren 20180409
DrWeb 20180410
Emsisoft 20180410
ESET-NOD32 20180409
F-Prot 20180409
F-Secure 20180410
Fortinet 20180410
GData 20180410
Ikarus 20180409
Jiangmin 20180410
K7AntiVirus 20180409
K7GW 20180410
Kaspersky 20180409
Kingsoft 20180410
Malwarebytes 20180409
MAX 20180410
Microsoft 20180409
eScan 20180409
NANO-Antivirus 20180409
nProtect 20180409
Palo Alto Networks (Known Signatures) 20180410
Panda 20180409
SUPERAntiSpyware 20180409
Symantec Mobile Insight 20180406
Tencent 20180410
TheHacker 20180404
TotalDefense 20180410
TrendMicro 20180410
TrendMicro-HouseCall 20180410
Trustlook 20180410
VBA32 20180409
VIPRE 20180410
ViRobot 20180410
Webroot 20180410
WhiteArmor 20180408
Yandex 20180408
Zillya 20180409
ZoneAlarm by Check Point 20180410
Zoner 20180410
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product DragCombo
Original name DragCombo.exe
Internal name DragCombo.exe
File version 1.2.10.6
Description DragCombo
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-04-10 04:46:12
Entry Point 0x00005469
Number of sections 10
PE sections
PE imports
GetKernelObjectSecurity
JetGetBookmark
InvertRgn
GetMetaFileA
GetWindowExtEx
GetPath
SetPriorityClass
GetSystemDefaultLangID
TransmitCommChar
LocalSize
GlobalUnlock
GetExitCodeProcess
EnumCalendarInfoW
GetDynamicTimeZoneInformation
GetProcessVersion
GetCommandLineA
UpdateResourceA
LeaveCriticalSection
IsPwrShutdownAllowed
ShellAboutA
StrFormatKBSizeW
AcquireCredentialsHandleA
IsCharUpperA
GetCursorInfo
GetInputState
GetWindowDC
CheckRadioButton
GetFocus
AdjustWindowRectEx
SetForegroundWindow
CheckMenuRadioItem
IsIconic
CreateCursor
CoReleaseServerProcess
Number of PE resources by type
RT_BITMAP 1
RT_MENU 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
InitializedDataSize 88576
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.2.10.6
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription DragCombo
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
LinkerVersion 11.9
EntryPoint 0x5469
OriginalFileName DragCombo.exe
MIMEType application/octet-stream
FileVersion 1.2.10.6
TimeStamp 2018:04:10 06:46:12+02:00
FileType Win32 EXE
PEType PE32
InternalName DragCombo.exe
ProductVersion 1.2.10.6-RELEASE-c2414ca0156a0385fb10514efac01a00086c215c
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName DragCombo
CodeSize 0
ProductName DragCombo
ProductVersionNumber 1.2.10.6
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 1.2.10.6

File identification
MD5 da0c660bef6ab782e8a0ede2c33badae
SHA1 a7e1e25e8a6e292f179cd3033d7435ebfcf265d4
SHA256 69571092b47880022e4d5204103577c2ff9ce7dda1e5e0ca5b66fe73c95589e1
ssdeep 3072:s+NxZyYOCaWIRHHhIiByDa/iPocBRefg:sQyYHaWEHHhI6N2n3
authentihash 8872ab6664d41a9f4658ae96bd99e52f91901bc7ea3e85c7c4152cde1b68993c
imphash 8b5a9c285d61ef4cf6b23d75eea79942
File size 98.0 KB ( 100352 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win64 Executable (generic) (61.7%)
Win32 Dynamic Link Library (generic) (14.7%)
Win32 Executable (generic) (10.0%)
OS/2 Executable (generic) (4.5%)
Generic Win/DOS Executable (4.4%)
Tags peexe
VirusTotal metadata
First submission 2018-04-10 04:54:00 UTC ( 1 year ago )
Last submission 2018-05-23 10:26:47 UTC ( 11 months ago )
File names DragCombo.exe
39908352.exe
uBzyRLJ4FFDzv8.exe