SHA256: 6a888dc84bf2dc17e60a7931d74b4e5e7c5a4b7bc2f507f09709d77bb3b8496f
File name: apkdexjar.exe
Detection ratio: 50 / 65
Analysis date: 2017-08-28 17:56:02 UTC ( 9 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.Lethic.Gen.9 20170828
AegisLab Troj.W32.Yakes.mCXz 20170828
AhnLab-V3 Trojan/Win32.Injector.R167840 20170828
Antiy-AVL Trojan/Win32.AGeneric 20170828
Arcabit Trojan.Lethic.Gen.9 20170828
Avast Win32:Androp [Drp] 20170828
AVG Win32:Androp [Drp] 20170828
Avira (no cloud) TR/Crypt.ZPACK.201638 20170828
AVware Trojan.Win32.Generic!BT 20170828
Baidu Win32.Trojan.Kryptik.qd 20170828
BitDefender Trojan.Lethic.Gen.9 20170828
CAT-QuickHeal Ransom.Crowti.WR7 20170828
Comodo UnclassifiedMalware 20170828
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170804
Cylance Unsafe 20170828
Cyren W32/Agent.XL.gen!Eldorado 20170828
DrWeb Trojan.PWS.Siggen1.43350 20170828
Emsisoft Trojan.Lethic.Gen.9 (B) 20170828
Endgame malicious (high confidence) 20170821
ESET-NOD32 a variant of Win32/Kryptik.EDEE 20170828
F-Prot W32/Agent.XL.gen!Eldorado 20170828
F-Secure Trojan.Lethic.Gen.9 20170828
Fortinet W32/Kryptik.EGLA!tr 20170828
GData Trojan.Lethic.Gen.9 20170828
Ikarus Trojan.Win32.Crypt 20170828
Sophos ML heuristic 20170822
Jiangmin Trojan.Generic.euic 20170828
K7AntiVirus Trojan ( 004d5b101 ) 20170828
K7GW Trojan ( 004d5b101 ) 20170828
Kaspersky HEUR:Trojan.Win32.Generic 20170828
Malwarebytes Trojan.PasswordStealer 20170828
MAX malware (ai score=86) 20170828
McAfee Artemis!4F9E35C56B87 20170826
McAfee-GW-Edition BehavesLike.Win32.Generic.jh 20170828
eScan Trojan.Lethic.Gen.9 20170828
NANO-Antivirus Trojan.Win32.Inject.dynbim 20170828
Palo Alto Networks (Known Signatures) generic.ml 20170828
Panda Trj/Genetic.gen 20170828
Qihoo-360 HEUR/QVM10.1.Malware.Gen 20170828
Rising Trojan.Generic (cloud:4MrjbSVp9hV) 20170828
SentinelOne (Static ML) static engine - malicious 20170806
Sophos AV Mal/Wonton-BP 20170828
SUPERAntiSpyware Trojan.Agent/Gen-PWS 20170828
Symantec Ransom.TeslaCrypt!g6 20170828
Tencent Win32.Trojan.Inject.Pgxi 20170828
VIPRE Trojan.Win32.Generic!BT 20170828
Webroot W32.Malware.gen 20170828
Yandex Trojan.Inject!UVE8ajgi4MA 20170828
Zillya Trojan.Inject.Win32.183584 20170828
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20170828
Alibaba 20170828
ALYac 20170828
Bkav 20170828
ClamAV 20170828
CMC 20170828
Kingsoft 20170828
Microsoft 20170828
nProtect 20170828
Symantec Mobile Insight 20170828
TheHacker 20170825
TotalDefense 20170828
TrendMicro 20170828
TrendMicro-HouseCall 20170828
Trustlook 20170828
VBA32 20170828
ViRobot 20170828
WhiteArmor 20170817
Zoner 20170828
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product apkdex
Original name apkdexjar.exe
Internal name apkdexjar.exe
File version 1.0.0.7
Description apkdexjar
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-11-02 15:00:07
Entry Point 0x00019C22
Number of sections 4
PE sections
Overlays
MD5 73ff28da793af3f70194393728b8ef9e
File type data
Offset 648192
Size 1979
Entropy 7.86
PE imports
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
SetBitmapBits
SetDCBrushColor
CreateRectRgnIndirect
GetTextCharset
GetPixel
ExcludeClipRect
TranslateCharsetInfo
CreateCompatibleDC
SetBkMode
GetCharWidthW
GetBitmapDimensionEx
GetRegionData
FrameRgn
StrokePath
GetGraphicsMode
CreateRoundRectRgn
RoundRect
GetTextFaceA
Chord
CreateFontIndirectA
GetNearestPaletteIndex
DeleteObject
Ellipse
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
LoadLibraryA
GetModuleFileNameW
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
GetTickCount
TlsAlloc
GetEnvironmentStringsW
GetModuleFileNameA
RtlUnwind
GetACP
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetEnvironmentStrings
MapUserPhysicalPagesScatter
GetLocaleInfoA
GetCurrentProcessId
GetModuleHandleW
WideCharToMultiByte
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
GetNamedPipeHandleStateW
GetStringTypeA
FindNextChangeNotification
HeapAlloc
GetPrivateProfileSectionW
GetCPInfo
TlsFree
GetModuleHandleA
SetUnhandledExceptionFilter
WriteFile
GetStartupInfoA
CreateMemoryResourceNotification
CreateHardLinkW
GetSystemTimeAsFileTime
DeleteFileW
ExitThread
HeapReAlloc
GetStringTypeW
GlobalLock
SetEnvironmentVariableA
SetThreadContext
FormatMessageW
TerminateProcess
CreateProcessA
LCMapStringA
ConvertThreadToFiber
IsValidCodePage
HeapCreate
GlobalAlloc
VirtualFree
GetDiskFreeSpaceExW
TlsGetValue
Sleep
GetFileType
CreateTimerQueue
TlsSetValue
ExitProcess
GetCurrentThreadId
LeaveCriticalSection
VirtualAlloc
RemoveVectoredExceptionHandler
SetLastError
InterlockedIncrement
SHGetFolderPathW
SHBrowseForFolderW
DragQueryFileW
DragAcceptFiles
ShellExecuteW
SHGetPathFromIDListW
ExtractIconExW
CommandLineToArgvW
SetFocus
RegisterWindowMessageW
GetUserObjectInformationW
ReleaseCapture
RedrawWindow
GetFocus
BeginPaint
OffsetRect
DefWindowProcW
GetScrollPos
CheckRadioButton
CreateAcceleratorTableW
GetWindowTextW
ShowWindow
SetWindowPos
GetClassInfoExW
IsWindow
SendMessageW
EndPaint
SetCapture
IsRectEmpty
DialogBoxParamW
GetClassInfoW
DialogBoxParamA
ScrollDC
GetAsyncKeyState
GetWindow
GetSysColor
GetWindowWord
DispatchMessageW
GetKeyState
CreateDialogParamW
RegisterClassExW
PrintWindow
CallWindowProcW
DestroyWindow
SetWindowTextW
ToAscii
GetDlgItem
GetMenuCheckMarkDimensions
DrawTextW
MoveWindow
UnionRect
MonitorFromWindow
ScreenToClient
GetClassLongA
GetClassNameW
MessageBoxIndirectA
CreateWindowExW
GetClientRect
IsCharUpperA
InvalidateRect
UnregisterClassW
PostThreadMessageW
GetTopWindow
GetMenu
CopyRect
DestroyAcceleratorTable
GetDesktopWindow
CharUpperW
IsWindowUnicode
IsCharUpperW
GetWindowTextLengthW
GetDC
CheckMenuItem
GetWindowLongW
GetCursorPos
InvalidateRgn
CharNextW
DefDlgProcW
IsChild
PtInRect
HttpQueryInfoW
InternetConnectW
InternetReadFile
InternetCloseHandle
HttpSendRequestW
InternetOpenW
HttpOpenRequestW
OleUninitialize
OleInitialize
CoLockObjectExternal
ReleaseStgMedium
RegisterDragDrop
CoCreateInstance
DoDragDrop
RevokeDragDrop
CoTaskMemFree
OleTranslateAccelerator
Number of PE resources by type
RT_BITMAP 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 3
PE resources
ExifTool file metadata
SubsystemVersion 5.0
InitializedDataSize 506880
ImageVersion 0.0
ProductName apkdex
FileVersionNumber 1.0.0.7
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x0017
CharacterSet Unicode
LinkerVersion 9.0
FileTypeExtension exe
OriginalFileName apkdexjar.exe
MIMEType application/octet-stream
FileVersion 1.0.0.7
TimeStamp 2015:11:02 16:00:07+01:00
FileType Win32 EXE
PEType PE32
InternalName apkdexjar.exe
ProductVersion 1.0.0.7
FileDescription apkdexjar
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Atanas Neshkov
CodeSize 140288
FileSubtype 0
ProductVersionNumber 1.0.0.7
EntryPoint 0x19c22
ObjectFileType Unknown

File identification
MD5 4f9e35c56b87b516b587c64da33f2012
SHA1 cbe703ef24f64a0dc99ff06b3b0379235e0ecaf1
SHA256 6a888dc84bf2dc17e60a7931d74b4e5e7c5a4b7bc2f507f09709d77bb3b8496f
ssdeep 12288:XBMcMlnKc7/dIk/+d1kN3lZ9YYkdDNHPPw0ZpVxI:KcMBKchW1ktlrYYM1Y0ZfxI
authentihash baccccfbb26abd3115eb2cfcece77361fc877b8cb0cf03cec134b0297499eb3c
imphash b28f2df80fad4897803e630676f6614a
File size 634.9 KB ( 650171 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe overlay

VirusTotal metadata
First submission 2015-11-02 15:08:35 UTC ( 2 years, 7 months ago )
Last submission 2015-11-02 15:08:35 UTC ( 2 years, 7 months ago )
File names apkdexjar.exe
bot.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Shell commands
Created mutexes
Opened mutexes
Runtime DLLs