SHA256: 69baedcd4300842e9d2c7c2938bbfcfdb65cf384c6fd8e3b2622f2e1546c9bb7
File name: h54f3.exe
Detection ratio: 1 / 54
Analysis date: 2015-12-03 10:19:36 UTC (2 years, 7 months ago)
Antivirus Result Update
Qihoo-360 HEUR/QVM10.1.Malware.Gen 20151203
Ad-Aware 20151130
AegisLab 20151203
Yandex 20151202
AhnLab-V3 20151203
Alibaba 20151203
ALYac 20151203
Antiy-AVL 20151203
Arcabit 20151203
Avast 20151203
AVG 20151203
Avira (no cloud) 20151203
AVware 20151203
Baidu-International 20151203
BitDefender 20151203
Bkav 20151202
ByteHero 20151203
CAT-QuickHeal 20151203
ClamAV 20151203
Comodo 20151202
Cyren 20151203
DrWeb 20151203
Emsisoft 20151209
ESET-NOD32 20151203
F-Prot 20151203
F-Secure 20151203
Fortinet 20151203
GData 20151203
Ikarus 20151203
Jiangmin 20151201
K7AntiVirus 20151202
K7GW 20151202
Kaspersky 20151203
Malwarebytes 20151203
McAfee 20151203
McAfee-GW-Edition 20151203
Microsoft 20151203
eScan 20151203
NANO-Antivirus 20151203
nProtect 20151203
Panda 20151202
Rising 20151202
Sophos AV 20151203
SUPERAntiSpyware 20151203
Symantec 20151202
Tencent 20151209
TheHacker 20151202
TrendMicro 20151203
TrendMicro-HouseCall 20151203
VBA32 20151202
VIPRE 20151203
ViRobot 20151203
Zillya 20151203
Zoner 20151203
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2000 - 2014 KG and its Licensors Masters ITM

Product Hyperlink Verify
Original name Hyperlink Verify
Internal name Hyperlink Verify
File version 6.8.1.6
Description Howard Lack Trickier Entré Complicated
Comments Howard Lack Trickier Entré Complicated
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-12-03 09:47:12
Entry Point 0x00007F3F
Number of sections 4
PE sections
PE imports
ConvertSidToStringSidA
AllocateAndInitializeSid
AVIFileGetStream
AVIStreamLength
AVIFileOpenA
AVIStreamStart
AVIStreamGetFrameOpen
AVIStreamInfoA
ImageList_GetImageCount
ImageList_Create
ImageList_Add
GetOpenFileNameA
CommDlgExtendedError
GetFileTitleW
CreatePolygonRgn
CreatePen
Rectangle
GetObjectA
LineTo
DeleteDC
SetBkMode
BitBlt
CreateDIBSection
EnumFontFamiliesA
RealizePalette
SetTextColor
GetDeviceCaps
FillRgn
MoveToEx
GetStockObject
CreateDIBitmap
SelectPalette
ExtTextOutA
GetDIBits
CreateCompatibleDC
CreateFontW
SetROP2
CreateRectRgn
SelectObject
CreateSolidBrush
SetBkColor
DeleteObject
GetTcpTable
GetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetTempPathA
GetCPInfo
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetFileAttributesA
LocalFree
MoveFileA
LoadResource
AllocConsole
InterlockedDecrement
GetEnvironmentVariableW
SetLastError
IsDebuggerPresent
ExitProcess
GetTempFileNameA
GetModuleFileNameA
GetVolumeInformationA
WriteProfileStringA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
SetFilePointer
SetUnhandledExceptionFilter
MulDiv
TerminateProcess
WriteConsoleA
GlobalAlloc
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetDateFormatA
DeleteFileA
WaitForMultipleObjects
GetProcessHeap
GetFileSizeEx
lstrcpyA
GetTimeFormatA
FreeConsole
GetProcAddress
GetConsoleWindow
CreateEventA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
LCMapStringW
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GetProcessTimes
GetEnvironmentStringsW
FileTimeToLocalFileTime
GetEnvironmentStrings
GetCurrentProcessId
LockResource
WideCharToMultiByte
HeapSize
GetCommandLineA
RaiseException
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
GetACP
GlobalLock
GetModuleHandleW
SizeofResource
IsValidCodePage
HeapCreate
VirtualFree
Sleep
FindResourceA
VirtualAlloc
ICSendMessage
ReadGlobalPwrPolicy
GetProcessMemoryInfo
StrToInt64ExA
PathFileExistsW
StrToIntA
SetFocus
LoadImageA
UpdateWindow
PostQuitMessage
MoveWindow
CreateDialogIndirectParamA
ShowCaret
DestroyMenu
FindWindowA
DefWindowProcA
ShowWindow
SetWindowPos
SetWindowRgn
SetWindowWord
GetSystemMetrics
SetScrollPos
SetScrollRange
AppendMenuA
InflateRect
EndPaint
SetMenu
SetDlgItemTextA
SetMenuItemInfoA
EnumChildWindows
MessageBoxA
SetWindowLongA
BeginPaint
GetWindow
GetSysColor
GetWindowWord
SetScrollInfo
InsertMenuItemA
SystemParametersInfoA
GetDlgCtrlID
CreatePopupMenu
CheckMenuItem
GetMenu
GetWindowLongA
FindWindowExA
SendMessageA
GetWindowRgn
CreateWindowExA
GetDlgItem
DrawMenuBar
DrawTextW
EnableMenuItem
SetRect
InvalidateRect
DrawFocusRect
SendMessageTimeoutA
CreateMenu
LoadCursorA
DrawTextA
GetMenuItemInfoA
GetClientRect
DestroyAcceleratorTable
GetDesktopWindow
GetDialogBaseUnits
GetClassNameA
GetWindowTextLengthW
GetDC
ReleaseDC
FillRect
CreateAcceleratorTableA
SetCursor
InternetSetFilePointer
InternetReadFile
InternetOpenUrlA
InternetOpenA
HttpQueryInfoA
inet_ntoa
ntohs
WTSEnumerateSessionsA
WTSQuerySessionInformationA
WTSCloseServer
WTSOpenServerA
WTSFreeMemory
GdiplusShutdown
GdipDeleteFontFamily
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipDisposeImage
GdipDrawString
GdipCreateFontFamilyFromName
GdipFlush
GdipDeleteBrush
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdiplusStartup
GdipCreateSolidFill
GdipDeleteGraphics
GdipCreateFont
GdipDeleteFont
GdipCreateFromHDC2
Number of PE resources by type
RT_RCDATA 15
RT_BITMAP 9
RT_STRING 5
RT_DIALOG 2
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 33
PE resources
Debug information
ExifTool file metadata
LegalTrademarks
Copyright 2000 - 2014 KG and its Licensors Masters ITM

SubsystemVersion
5.0

Comments
Howard Lack Trickier Entr Complicated

Languages
English

InitializedDataSize
88064

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
6.8.1.6

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Howard Lack Trickier Entr Complicated

CharacterSet
Unicode

LinkerVersion
9.0

PrivateBuild
6.8.1.6

EntryPoint
0x7f3f

OriginalFileName
Hyperlink Verify

MIMEType
application/octet-stream

LegalCopyright
Copyright 2000 - 2014 KG and its Licensors Masters ITM

FileVersion
6.8.1.6

TimeStamp
2015:12:03 10:47:12+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Hyperlink Verify

ProductVersion
6.8.1.6

UninitializedDataSize
0

OSVersion
5.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Masters ITM

CodeSize
126976

ProductName
Hyperlink Verify

ProductVersionNumber
6.8.1.6

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
6.8.1.6

File identification
MD5 1bfd7cdc2731ec85617555f63473e3c9
SHA1 3720cb2135d0670130c4c487431177ae1b849301
SHA256 69baedcd4300842e9d2c7c2938bbfcfdb65cf384c6fd8e3b2622f2e1546c9bb7
ssdeep
3072:iBX1SY5b43I1IJwqF5aFoh1g/nIa4BEVgBhHTyMXCiaMiu4B5co2sQAHmI:ivB5sY1OwqHaCzRBsgBhWJiJiWiQyJ

authentihash 73b2c4b3259444a6a352a234fd67ff46134942be68c8deedc45eb321d0e46632
imphash c418837d98f45069040ed7ab0302ced3
File size 211.0 KB (216064 bytes)
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe

VirusTotal metadata
First submission 2015-12-03 09:58:27 UTC (2 years, 7 months ago)
Last submission 2016-12-17 02:35:35 UTC (1 year, 7 months ago)
File names colocget.exe
h54f3.exe
1bfd7cdc2731ec85617555f63473e3c9.exe
h54f3[1].exe.201109.DROPPED
h54f3_exe
Hyperlink Verify
colocget.exe
H54F3[1].EXE
h54f3[1].exe
colocget.exe.202640.DROPPED
out
3720cb2135d0670130c4c487431177ae1b849301.exe
69baedcd4300842e9d2c7c2938bbfcfdb65cf384c6fd8e3b2622f2e1546c9bb7.exe
h54f3.ex_
Advanced heuristic and reputation engines
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created mutexes
Opened mutexes
Searched windows
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections