SHA256: 6dcb5d4419590c6c0463048f0001ab3999e6ea977143e77edfbc4da1f0adf1a6
File name: 3330.exe
Detection ratio: 7 / 56
Analysis date: 2017-02-07 11:02:44 UTC ( 2 years ago )
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20170207
Bkav HW32.Packed.41A3 20170206
Comodo Heur.Packed.Unknown 20170207
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170130
Sophos ML backdoor.win32.drixed.m 20170203
McAfee-GW-Edition BehavesLike.Win32.Backdoor.cc 20170207
Qihoo-360 HEUR/QVM20.1.0000.Malware.Gen 20170207
Ad-Aware 20170207
AegisLab 20170207
AhnLab-V3 20170206
Alibaba 20170122
ALYac 20170207
Antiy-AVL 20170207
Arcabit 20170207
Avast 20170207
AVG 20170207
Avira (no cloud) 20170207
AVware 20170207
BitDefender 20170207
CAT-QuickHeal 20170207
ClamAV 20170207
CMC 20170207
Cyren 20170207
DrWeb 20170207
Emsisoft 20170207
ESET-NOD32 20170207
F-Prot 20170207
F-Secure 20170207
Fortinet 20170207
GData 20170207
Ikarus 20170206
Jiangmin 20170207
K7AntiVirus 20170207
K7GW 20170207
Kaspersky 20170207
Kingsoft 20170207
Malwarebytes 20170207
McAfee 20170207
Microsoft 20170207
eScan 20170207
NANO-Antivirus 20170207
nProtect 20170207
Panda 20170206
Rising 20170207
Sophos AV 20170207
SUPERAntiSpyware 20170207
Symantec 20170206
Tencent 20170207
TheHacker 20170205
TotalDefense 20170207
TrendMicro 20170207
Trustlook 20170207
VBA32 20170206
VIPRE 20170207
ViRobot 20170207
WhiteArmor 20170202
Yandex 20170206
Zillya 20170206
Zoner 20170207
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
© Ghbsg Corporation. All rights reserved.

Product Microsoft® Windows® Operating System
Original name COMUID.DLL
Internal name COMUID.DLL
File version 2001.12.10530.17415 (winblue_r4.141028-1500)
Description COM+ Explorer UI
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-02-06 21:32:23
Entry Point 0x0000CD60
Number of sections 9
PE sections
PE imports
GetProfileStringW
UnlockFile
RemoveDirectoryW
FreeConsole
GetCommandLineA
ScrollConsoleScreenBufferW
GetCurrentThreadId
_snwprintf_l
PdhParseCounterPathW
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
109568

ImageVersion
0.0

ProductName
Microsoft Windows Operating System

FileVersionNumber
2001.12.10530.17415

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
COM+ Explorer UI

CharacterSet
Unicode

LinkerVersion
9.0

FileTypeExtension
exe

OriginalFileName
COMUID.DLL

MIMEType
application/octet-stream

Subsystem
Windows command line

FileVersion
2001.12.10530.17415 (winblue_r4.141028-1500)

TimeStamp
2017:02:06 22:32:23+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
COMUID.DLL

ProductVersion
6.3.9601.17415

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Windows NT 32-bit

LegalCopyright
Ghbsg Corporation. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
Ghbsg Corporation

CodeSize
49152

FileSubtype
0

ProductVersionNumber
6.3.9600.17415

EntryPoint
0xcd60

ObjectFileType
Dynamic link library

File identification
MD5 315044424d854d012f4bac9d3ab2b416
SHA1 235ec2dd54258b237d0be9c9ee609f31c9156890
SHA256 6dcb5d4419590c6c0463048f0001ab3999e6ea977143e77edfbc4da1f0adf1a6
ssdeep
3072:w31n6qWsE3gLG/FGgUqZiW+s5aC6h/pDqKGuRbBng0:w31IsEzFWs+g6hpuKPZ/

authentihash 0666d5a233e7917c7f40d34876140dfcda3940c9a19a681584dc8f2d9be598e9
imphash bc4b476354f44600043eca766a93c10c
File size 140.8 KB ( 144140 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.6%)
Clipper DOS Executable (19.1%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
VXD Driver (0.2%)
Tags
peexe

VirusTotal metadata
First submission 2017-02-07 11:02:44 UTC ( 2 years ago )
Last submission 2017-02-08 23:39:04 UTC ( 2 years ago )
File names tsk.exe
315044424d854d012f4bac9d3ab2b416.exe
171447.exe
6dcb5d4419590c6c0463048f0001ab3999e6ea977143e77edfbc4da1f0adf1a6
COMUID.DLL
3330.exe