SHA256: 726ea36762727126f6af0e1a8e99b1a550bef55e2f78a98d8f4a5c33f3f11ddb
File name: VirusShare_3379aa3d3bbc6c1b7b2825e84b72b8d7
Detection ratio: 47 / 52
Analysis date: 2014-05-06 05:44:14 UTC ( 4 years, 5 months ago )
Antivirus Result Update
Ad-Aware Win32.Virtob.6.Gen 20140506
Yandex Win32.Virut.Gen.4 20140505
AhnLab-V3 Win32/Virut 20140505
AntiVir W32/Virut.Gen 20140506
Antiy-AVL Virus/Win32.Virut.a 20140506
Avast Win32:Virut 20140506
AVG Win32/Virut.A 20140506
Baidu-International Virus.Win32.Virut.$a 20140505
BitDefender Win32.Virtob.6.Gen 20140506
Bkav W32.FemaRub.PE 20140505
CAT-QuickHeal W32.Virut.F 20140506
ClamAV W32.Virut.A 20140506
CMC Virus.Win32.Virut!O 20140429
Commtouch W32/Virut.4960 20140506
Comodo Backdoor.Win32.Nepoe.em2 20140506
DrWeb Win32.Virut 20140506
Emsisoft Win32.Virtob.6.Gen (B) 20140506
ESET-NOD32 Win32/Virut.5127 20140505
F-Prot W32/Virut.4960 20140506
F-Secure Win32.Virtob.6.Gen 20140506
Fortinet W32/Virut.CE.gen 20140506
GData Win32.Virtob.6.Gen 20140506
Ikarus Trojan-Proxy.Win32.Dlena.ad 20140506
Jiangmin Win32/Virut.a 20140506
K7AntiVirus Virus ( 00001b6b1 ) 20140505
K7GW Virus ( 00001b6b1 ) 20140505
Kaspersky Virus.Win32.Virut.a 20140506
Kingsoft Win32.Virut.a.8192 20140506
McAfee W32/Virut.a 20140506
McAfee-GW-Edition Heuristic.LooksLike.Win32.SuspiciousPE.J 20140505
Microsoft Virus:Win32/Virut.A 20140505
eScan Win32.Virtob.6.Gen 20140506
NANO-Antivirus Virus.Win32.Virut.jxol 20140506
Norman Malware 20140505
nProtect Virus/W32.Virut.Gen 20140504
Panda W32/Virutas.B 20140505
Qihoo-360 Virus.Win32.Virtob.F 20140506
Rising PE:Win32.Virut.a!278450 20140505
Sophos AV W32/Virut-T 20140506
Symantec W32.Virut.A 20140506
TheHacker W32/Virut.gen 20140504
TotalDefense Win32/Virut.5127 20140505
TrendMicro PE_VIRUT.A 20140506
VBA32 Virus.Win32.Virut.A 20140505
VIPRE Virus.Win32.Virut.gen (v) 20140506
ViRobot Win32.Virut.A 20140506
Zillya Virus.Virut.Win32.1 20140505
AegisLab 20140506
ByteHero 20140506
Malwarebytes 20140506
SUPERAntiSpyware 20140505
TrendMicro-HouseCall 20140506
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2006-10-02 01:19:46
Entry Point 0x00017000
Number of sections 3
PE sections
PE imports
RegDeleteKeyA
RegOpenKeyA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueA
RegQueryValueExA
GetCurrentHwProfileA
RegSetValueA
RegEnumKeyA
RegEnumValueA
RegNotifyChangeKeyValue
RegCreateKeyA
RegOpenKeyExA
RegDeleteValueA
RegEnumKeyExA
RegQueryInfoKeyA
GetSystemTime
DeviceIoControl
HeapFree
LocalReAlloc
SetStdHandle
SetHandleCount
TerminateThread
GetLastError
WaitForSingleObject
FreeLibrary
LCMapStringA
HeapDestroy
GetTickCount
FlushFileBuffers
GetEnvironmentStringsW
GetVersionExA
LoadLibraryA
RtlUnwind
GetModuleFileNameA
GetStdHandle
GetACP
FreeEnvironmentStringsA
HeapAlloc
GetCurrentProcess
GetEnvironmentStrings
SetThreadPriority
LocalAlloc
LCMapStringW
GetCPInfo
UnhandledExceptionFilter
MultiByteToWideChar
FreeEnvironmentStringsW
GetCommandLineA
WaitForMultipleObjects
SuspendThread
SetFilePointer
CreateThread
GetStringTypeA
GetModuleHandleA
lstrcmpA
GetExitCodeThread
CreateFileA
WriteFile
GetStartupInfoA
FindFirstFileA
ExitThread
HeapReAlloc
GetStringTypeW
GetProcAddress
SetPriorityClass
SetEvent
LocalFree
TerminateProcess
ResumeThread
CreateProcessA
LocalSize
WideCharToMultiByte
GetEnvironmentVariableA
HeapCreate
VirtualFree
CreateEventA
FindClose
GetFileType
CloseHandle
ExitProcess
GetVersion
VirtualAlloc
GetOEMCP
ResetEvent
ShellExecuteA
GetMessageA
OpenInputDesktop
UpdateWindow
keybd_event
KillTimer
PostQuitMessage
DefWindowProcA
ShowWindow
MessageBeep
FindWindowA
GetSystemMetrics
IsWindow
DispatchMessageA
PostMessageA
TranslateMessage
RegisterClassExA
GetWindowThreadProcessId
GetForegroundWindow
SetTimer
CreateWindowExA
EnumDisplaySettingsA
GetActiveWindow
EnumThreadWindows
AttachThreadInput
GetUserObjectInformationA
WaitForInputIdle
CloseDesktop
SetForegroundWindow
DestroyWindow
mixerGetLineInfoA
mixerOpen
mixerSetControlDetails
mixerClose
mixerGetControlDetailsA
mixerGetLineControlsA
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2006:10:02 02:19:46+01:00
FileType Win32 EXE
PEType PE32
CodeSize 57344
LinkerVersion 6.0
FileAccessDate 2014:05:06 06:45:58+01:00
EntryPoint 0x17000
InitializedDataSize 40960
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
FileCreateDate 2014:05:06 06:45:58+01:00
UninitializedDataSize 0

File identification
MD5 3379aa3d3bbc6c1b7b2825e84b72b8d7
SHA1 b2e77689173bfcd8313fd22fb06a3fe36004fa5a
SHA256 726ea36762727126f6af0e1a8e99b1a550bef55e2f78a98d8f4a5c33f3f11ddb
ssdeep 1536:Dh+6HrAY6/7HKFmbWiKfyjoPjV6fTwZcB7clb7pXzr:lA7/7qFaFbor1o7clP1
imphash bbb177bd8340bfbe44970a9c0a5a942b
File size 100.0 KB ( 102400 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags peexe

VirusTotal metadata
First submission 2010-02-15 20:34:21 UTC ( 8 years, 8 months ago )
Last submission 2014-05-06 05:44:14 UTC ( 4 years, 5 months ago )
File names chh0hhASq3.dot
VirusShare_3379aa3d3bbc6c1b7b2825e84b72b8d7
7da97147386626068835c9515c23c886
tphkmgr.exe
aa