× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 6c9d67aba3f51df325b653bec8e019acf3fd0410517543c9458aeeadad527891
File name: axilans.exe
Detection ratio: 4 / 55
Analysis date: 2016-08-22 09:53:16 UTC ( 2 years, 8 months ago ) View latest
Antivirus Result Update
McAfee-GW-Edition BehavesLike.Win32.Expiro.fc 20160822
Qihoo-360 HEUR/QVM10.1.0000.Malware.Gen 20160822
Symantec Heur.AdvML.B 20160822
Tencent Win32.Trojan.Inject.Auto 20160822
Ad-Aware 20160822
AegisLab 20160822
AhnLab-V3 20160822
Alibaba 20160822
ALYac 20160822
Antiy-AVL 20160822
Arcabit 20160822
Avast 20160822
AVG 20160822
Avira (no cloud) 20160822
AVware 20160822
Baidu 20160820
BitDefender 20160822
Bkav 20160820
CAT-QuickHeal 20160822
ClamAV 20160822
CMC 20160822
Comodo 20160822
Cyren 20160822
DrWeb 20160822
Emsisoft 20160822
ESET-NOD32 20160822
F-Prot 20160822
F-Secure 20160822
Fortinet 20160822
GData 20160822
Ikarus 20160822
Jiangmin 20160822
K7AntiVirus 20160822
K7GW 20160822
Kaspersky 20160822
Kingsoft 20160822
Malwarebytes 20160822
McAfee 20160822
Microsoft 20160822
eScan 20160822
NANO-Antivirus 20160822
nProtect None
Panda 20160821
Rising 20160822
Sophos AV 20160822
SUPERAntiSpyware 20160822
TheHacker 20160821
TrendMicro 20160822
TrendMicro-HouseCall 20160822
VBA32 20160819
VIPRE 20160822
ViRobot 20160822
Yandex 20160821
Zillya 20160820
Zoner 20160822
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-08-21 16:47:50
Entry Point 0x000085DD
Number of sections 7
PE sections
PE imports
SystemFunction036
HeapSize
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
IsProcessorFeaturePresent
EnterCriticalSection
LCMapStringW
GetModuleFileNameW
GetConsoleCP
SetEvent
QueryPerformanceCounter
IsDebuggerPresent
EncodePointer
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
WaitForSingleObjectEx
RtlUnwind
FreeLibrary
GetStdHandle
DeleteCriticalSection
GetCommTimeouts
GetConsoleMode
GetStringTypeW
GetCurrentProcessId
GetUserDefaultLCID
EnumSystemLocalesW
GetCommandLineW
GetCPInfo
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
GetStartupInfoW
SetStdHandle
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
InitializeSListHead
GetLocaleInfoW
ExitProcess
RaiseException
LockFileEx
WideCharToMultiByte
TlsFree
GetQueuedCompletionStatus
FindFirstFileExA
SetUnhandledExceptionFilter
WriteFile
GetCurrentProcess
CloseHandle
GetSystemTimeAsFileTime
FindNextFileA
IsValidLocale
GetACP
HeapReAlloc
DecodePointer
GetModuleHandleW
WriteConsoleW
GetFullPathNameA
GetOEMCP
TerminateProcess
CreateEventW
ResetEvent
GetModuleHandleExW
IsValidCodePage
CreateFileW
SetFilePointerEx
FindClose
TlsGetValue
GetFileType
TlsSetValue
HeapAlloc
GetCurrentThreadId
GetProcessHeap
SetLastError
LeaveCriticalSection
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2016:08:21 17:47:50+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
110592

LinkerVersion
14.0

EntryPoint
0x85dd

InitializedDataSize
222720

SubsystemVersion
5.1

ImageVersion
0.0

OSVersion
5.1

UninitializedDataSize
0

File identification
MD5 b03ac06a72be5f065ed00782159e8744
SHA1 f200a3a96a7cceb93905f6ed6c8a9cd3ed4b7719
SHA256 6c9d67aba3f51df325b653bec8e019acf3fd0410517543c9458aeeadad527891
ssdeep
6144:XaE345ZvO6QhxfAOKbHU4acXGKA3bFWwa8ArigNfX4:XaEo/vOvxf4I4TWPFr

authentihash 3be56b8601701b69a473f8b922111ea6856544454858851f33fb3d4328e41dfa
imphash bff0e7b0b078b4363185ae56722925b6
File size 322.5 KB ( 330240 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.4%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags
peexe

VirusTotal metadata
First submission 2016-08-22 09:45:19 UTC ( 2 years, 8 months ago )
Last submission 2016-12-08 17:18:46 UTC ( 2 years, 4 months ago )
File names axilans.exe
axilans.exe
6c9d67aba3f51df325b653bec8e019acf3fd0410517543c9458aeeadad527891.exe
axilans.exe
xilans.exe
axilans.exe
axilans.exevirus
axilans.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Opened mutexes
Runtime DLLs
UDP communications