SHA256: 6efcb43053ba277c989992f9ddee98cf6be65ca6e740f6434d94f9c900f15094
File name: lnmflgf.exe
Detection ratio: 13 / 65
Analysis date: 2017-08-25 10:52:02 UTC (1 year, 7 months ago)
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Trickbot.R207364 20170825
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9980 20170825
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170804
Cylance Unsafe 20170825
Endgame malicious (high confidence) 20170821
Fortinet W32/Generic.AP.9F5966!tr 20170825
Sophos ML heuristic 20170822
Palo Alto Networks (Known Signatures) generic.ml 20170825
Panda Trj/Genetic.gen 20170825
Qihoo-360 HEUR/QVM20.1.65D1.Malware.Gen 20170825
Rising Trojan.GenKryptik!8.AA55 (tfe:2:qJTMRZXgq7C) 20170825
SentinelOne (Static ML) static engine - malicious 20170806
WhiteArmor Malware.HighConfidence 20170817
Ad-Aware 20170825
AegisLab 20170825
Alibaba 20170825
ALYac 20170825
Antiy-AVL 20170825
Arcabit 20170825
Avast 20170825
AVG 20170825
Avira (no cloud) 20170825
AVware 20170825
BitDefender 20170825
Bkav 20170825
CAT-QuickHeal 20170824
ClamAV 20170825
CMC 20170825
Comodo 20170825
Cyren 20170825
DrWeb 20170825
Emsisoft 20170825
ESET-NOD32 20170825
F-Prot 20170825
F-Secure 20170825
GData 20170825
Ikarus 20170825
Jiangmin 20170825
K7AntiVirus 20170824
K7GW 20170821
Kaspersky 20170825
Kingsoft 20170825
Malwarebytes 20170825
MAX 20170825
McAfee 20170825
McAfee-GW-Edition 20170825
Microsoft 20170824
eScan 20170824
NANO-Antivirus 20170825
nProtect 20170825
Sophos AV 20170825
SUPERAntiSpyware 20170825
Symantec 20170825
Symantec Mobile Insight 20170825
Tencent 20170825
TheHacker 20170825
TotalDefense 20170825
TrendMicro 20170825
TrendMicro-HouseCall 20170825
Trustlook 20170825
VBA32 20170824
VIPRE 20170825
ViRobot 20170825
Webroot 20170825
Yandex 20170823
Zillya 20170825
ZoneAlarm by Check Point 20170825
Zoner 20170825
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-05-05 13:32:13
Entry Point 0x0001BC40
Number of sections 4
PE sections
PE imports
DeleteDC
SelectObject
StretchBlt
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
GetLastError
HeapFree
GetStdHandle
EnterCriticalSection
SetHandleCount
GetSystemInfo
lstrlenA
GetVersionExW
GetOEMCP
HeapDestroy
HeapAlloc
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
RtlUnwind
LoadLibraryA
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetEnvironmentStrings
GetCurrentDirectoryW
GetCommandLineW
GetCPInfo
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetCommandLineA
lstrcatW
SetStdHandle
GetModuleHandleA
WideCharToMultiByte
MapViewOfFile
SetFilePointer
lstrcmpA
WriteFile
GetStartupInfoA
CloseHandle
GetACP
GetModuleHandleW
TerminateProcess
GetVersion
InitializeCriticalSection
HeapCreate
CreateFileW
VirtualFree
TlsGetValue
GetFileType
TlsSetValue
ExitProcess
GetCurrentThreadId
GetProcAddress
VirtualAlloc
SetLastError
LeaveCriticalSection
CommandLineToArgvW
MapWindowPoints
RegisterClassExW
RedrawWindow
GetScrollRange
EndDialog
BeginPaint
DefWindowProcW
GetScrollPos
GetMessageW
PostQuitMessage
MessageBeep
MessageBoxW
EndPaint
SetMenu
DialogBoxParamW
TranslateMessage
SetMenuItemInfoW
SetDlgItemTextW
DispatchMessageW
GetCursorPos
EndDeferWindowPos
ShowCaret
SendMessageW
RegisterClassW
PtInRect
LoadStringW
SetScrollRange
EnableMenuItem
FrameRect
OpenClipboard
GetClassNameW
GetActiveWindow
ModifyMenuW
GetDesktopWindow
LockWindowUpdate
LoadIconW
CreateWindowExW
LoadAcceleratorsW
wsprintfW
TranslateAcceleratorW
DestroyWindow
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2015:05:05 06:32:13-07:00
FileType Win32 EXE
PEType PE32
CodeSize 382464
LinkerVersion 10.0
ImageFileCharacteristics No relocs, Executable, 32-bit
EntryPoint 0x1bc40
InitializedDataSize 168960
SubsystemVersion 5.1
ImageVersion 0.0
OSVersion 5.1
UninitializedDataSize 0

Compressed bundles
File identification
MD5 c0da979c2c7c8e15b925bd9c662c3506
SHA1 ee5b373c789df94d75cc39b5c6a92c06cfe03036
SHA256 6efcb43053ba277c989992f9ddee98cf6be65ca6e740f6434d94f9c900f15094
ssdeep 6144:61lbwF8h7+2ox5w82GrPHhIUbtiboW/agX/TPswQGyWdfiSmPP8:YJweEjw2/664rPswQfW1k8
authentihash afb945d2afe2792bbbeb0a553dfd1ac37fffb6c6e7a35f9c1da021dfaf54a035
imphash a1f61269f60b1088f1956b9e1cd31fd1
File size 528.0 KB (540672 bytes)
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags peexe
VirusTotal metadata
First submission 2017-08-25 10:52:02 UTC (1 year, 7 months ago)
Last submission 2019-03-06 04:04:08 UTC (1 month, 2 weeks ago)
File names logo.png.exe
lnmflgf.exe
c0da979c2c7c8e15b925bd9c662c3506.vir
lnmflgf.exe
logo.png
logo.png.exe
VirusShare_c0da979c2c7c8e15b925bd9c662c3506
knfn.png.exe
Advanced heuristic and reputation engines
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Copied files
Deleted files
Created processes
Terminated processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications