SHA256: 72b4a28a2389851aaadb6ca57e9d1136eac82c2ac8eb65e97ff8009a052c2630
File name: 3053f148dc8e1a5257559695683ded0a
Detection ratio: 24 / 57
Analysis date: 2015-08-30 17:03:37 UTC (3 years, 6 months ago)
Antivirus Result Update
Ad-Aware Gen:Variant.Zusy.159244 20150830
Yandex Trojan.PWS.Tepfer!mqiwQPz7iXk 20150829
Antiy-AVL Trojan[PSW]/Win32.Tepfer 20150830
Arcabit Trojan.Zusy.D26E0C 20150830
Avast Win32:Malware-gen 20150830
AVG Zbot.AGHT 20150830
Avira (no cloud) TR/Crypt.ZPACK.12338 20150830
AVware Trojan.Win32.Generic!BT 20150830
BitDefender Gen:Variant.Zusy.159244 20150830
DrWeb Trojan.PWS.Siggen1.40938 20150830
Emsisoft Gen:Variant.Zusy.159244 (B) 20150830
ESET-NOD32 Win32/Spy.Zbot.ABW 20150830
Fortinet W32/Zbot.ABW!tr.spy 20150830
GData Gen:Variant.Zusy.159244 20150830
Ikarus Trojan-Spy.Agent 20150830
Kaspersky Trojan-PSW.Win32.Tepfer.pswwgh 20150830
McAfee GenericR-EJA!3053F148DC8E 20150830
McAfee-GW-Edition Artemis!Trojan 20150830
eScan Gen:Variant.Zusy.159244 20150830
NANO-Antivirus Trojan.Win32.Tepfer.dvuaqi 20150830
Panda Generic Suspicious 20150830
Qihoo-360 Win32/Trojan.4c0 20150830
Sophos AV Mal/Generic-S 20150830
VIPRE Trojan.Win32.Generic!BT 20150830
AegisLab 20150830
AhnLab-V3 20150830
Alibaba 20150828
ALYac 20150830
Baidu-International 20150830
Bkav 20150829
ByteHero 20150830
CAT-QuickHeal 20150829
ClamAV 20150830
CMC 20150827
Comodo 20150830
Cyren 20150830
F-Prot 20150829
F-Secure 20150829
Jiangmin 20150829
K7AntiVirus 20150830
K7GW 20150830
Kingsoft 20150830
Malwarebytes 20150830
Microsoft 20150830
nProtect 20150828
Rising 20150830
SUPERAntiSpyware 20150829
Symantec 20150829
Tencent 20150830
TheHacker 20150828
TotalDefense 20150830
TrendMicro 20150830
TrendMicro-HouseCall 20150830
VBA32 20150829
ViRobot 20150830
Zillya 20150830
Zoner 20150830
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2005-11-25 01:35:50
Entry Point 0x00056D22
Number of sections 4
PE sections
PE imports
LsaEnumerateAccountRights
ImmSetCompositionFontW
ImmIsUIMessageA
ImmSetCompositionWindow
ImmNotifyIME
ImmGetCompositionFontA
ImmGetCandidateListW
ImmGetGuideLineA
ImmGetIMEFileNameW
ImmCreateContext
ImmEscapeA
ImmGetDescriptionW
ImmGetGuideLineW
ImmRegisterWordA
ImmIsIME
ImmGetCompositionFontW
AreFileApisANSI
GetAtomNameA
EnumSystemLocalesA
GetLogicalDriveStringsA
GetStartupInfoA
GetModuleHandleA
CreateIoCompletionPort
CreateProcessW
GetDiskFreeSpaceExW
LoadLibraryExW
GetPrivateProfileSectionNamesW
GetThreadLocale
GetFullPathNameW
GetStringTypeExA
CreateNamedPipeA
FreeResource
_except_handler3
__p__fmode
_acmdln
_exit
__p__commode
__setusermatherr
exit
_XcptFilter
__getmainargs
_initterm
_controlfp
_adjust_fdiv
__set_app_type
RedrawWindow
SetDlgItemTextA
GetMessagePos
SetWindowRgn
CharPrevA
UnregisterHotKey
SetMenuItemBitmaps
SetMenuDefaultItem
DrawStateA
SystemParametersInfoA
EnableScrollBar
DestroyMenu
PostQuitMessage
GetForegroundWindow
DrawStateW
SetWindowPos
DdeCreateStringHandleA
IsWindow
SetTimer
DispatchMessageA
ToUnicode
ScrollWindowEx
OpenIcon
VkKeyScanA
SetMenuItemInfoA
WindowFromPoint
AppendMenuW
GetClassLongA
CharToOemA
GetMessageTime
VkKeyScanW
SetActiveWindow
DispatchMessageW
ChangeClipboardChain
GetAsyncKeyState
ReleaseDC
DdeInitializeA
GetDlgCtrlID
AdjustWindowRectEx
SendMessageW
UnregisterClassA
IsDialogMessageW
DefMDIChildProcA
GetMenuStringW
SendMessageA
UnregisterClassW
GetClassInfoW
ToAscii
DefMDIChildProcW
PackDDElParam
DrawTextW
PostThreadMessageW
GetNextDlgTabItem
InSendMessage
CallNextHookEx
LoadAcceleratorsA
GetWindowTextLengthA
GetSysColor
LoadImageW
CountClipboardFormats
GetTopWindow
ShowCursor
GetUpdateRgn
GetWindowTextW
RegisterClipboardFormatW
CharLowerBuffA
DialogBoxIndirectParamW
LoadImageA
MsgWaitForMultipleObjects
GetMenuItemCount
GetWindowTextA
InvalidateRgn
RegisterClassExA
DestroyWindow
DrawEdge
IsWindowUnicode
MapDialogRect
UpdateWindow
SetPropA
EqualRect
SetClassLongW
EnumWindows
CheckRadioButton
CreateCaret
GetClassInfoExA
GetMessageW
ShowWindow
GetCaretPos
DrawFrameControl
GetNextDlgGroupItem
SetPropW
ValidateRect
GetCursorPos
PeekMessageW
TranslateMDISysAccel
EnableWindow
SetWindowPlacement
GetDlgItemTextA
GetClipboardFormatNameW
PeekMessageA
ScrollDC
SetClipboardViewer
TranslateMessage
SetThreadDesktop
GetWindow
GetMenuDefaultItem
ActivateKeyboardLayout
CreateIconFromResourceEx
CharNextExA
GetIconInfo
LoadStringA
GetQueueStatus
RegisterClassW
OpenDesktopW
CharLowerA
IsZoomed
IsWindowVisible
SendNotifyMessageW
LoadStringW
WindowFromDC
DrawMenuBar
OemToCharBuffA
EnableMenuItem
RegisterClassA
TrackPopupMenuEx
GetWindowLongA
GetSubMenu
CreateMenu
OemToCharA
GetActiveWindow
GetKeyboardLayout
FillRect
SetWindowContextHelpId
WaitForInputIdle
DdeCreateDataHandle
GetDialogBaseUnits
DdeConnect
CreateWindowExW
GetWindowLongW
GetUpdateRect
GetGUIThreadInfo
CreateAcceleratorTableA
IsChild
MapWindowPoints
SendNotifyMessageA
MapVirtualKeyA
IsIconic
GetMessageA
PostMessageA
SystemParametersInfoW
DefWindowProcW
GetScrollPos
KillTimer
CharNextA
MapVirtualKeyW
CharPrevW
CreatePopupMenu
CheckMenuRadioItem
WaitMessage
TranslateAcceleratorW
GetClipboardData
GetClassNameA
ToUnicodeEx
SendDlgItemMessageA
GetSystemMetrics
SetWindowLongW
SetScrollRange
InflateRect
InvertRect
SetCapture
DrawIcon
GetMenuState
CharLowerW
SetWindowLongA
SetProcessWindowStation
SendDlgItemMessageW
DefWindowProcA
GetProcessWindowStation
PostThreadMessageA
CreateDialogParamW
RemovePropA
SetWindowTextA
CheckMenuItem
ChildWindowFromPointEx
DrawFocusRect
GetClassLongW
GetLastActivePopup
PtInRect
DrawIconEx
CharUpperBuffW
SetWindowTextW
CreateWindowExA
DdeGetLastError
RemovePropW
CreateDialogParamA
SetCursor
BringWindowToTop
SetDlgItemTextW
ClientToScreen
SetKeyboardState
CloseWindowStation
GetClassNameW
InsertMenuA
CreateDialogIndirectParamA
LoadCursorA
LoadIconA
TrackPopupMenu
SetWindowsHookExA
ReuseDDElParam
CharToOemW
SetParent
IsDlgButtonChecked
GetSysColorBrush
DestroyAcceleratorTable
SetDlgItemInt
SetWindowsHookExW
LoadCursorW
EnumDisplaySettingsW
FindWindowExW
GetMenuItemID
InsertMenuW
FlashWindow
NotifyWinEvent
DialogBoxIndirectParamA
OpenClipboard
EmptyClipboard
GetCaretBlinkTime
CreateDialogIndirectParamW
CharLowerBuffW
IntersectRect
EndDialog
HideCaret
CreateIconIndirect
GetCapture
GetDlgItemInt
FindWindowA
MessageBeep
SetClassLongA
DrawTextExA
RemoveMenu
wvsprintfW
DeferWindowPos
ShowScrollBar
MessageBoxW
AppendMenuA
RegisterClassExW
UnhookWindowsHookEx
LoadIconW
MessageBoxIndirectA
SetRectEmpty
GetMenuStringA
CallWindowProcA
IsMenu
GetWindowDC
DestroyCursor
wvsprintfA
LoadKeyboardLayoutA
MessageBoxIndirectW
MsgWaitForMultipleObjectsEx
SendMessageCallbackW
SetScrollInfo
GetKeyState
EndDeferWindowPos
IsCharAlphaNumericA
DestroyIcon
FreeDDElParam
GetKeyNameTextA
ShowOwnedPopups
WinHelpW
LoadBitmapW
GetDesktopWindow
SubtractRect
UnpackDDElParam
GetDCEx
WinHelpA
FrameRect
SetRect
DeleteMenu
InvalidateRect
DefFrameProcA
SendMessageTimeoutA
TranslateAcceleratorA
DrawTextA
GetKeyboardType
DefDlgProcA
ModifyMenuW
CloseDesktop
IsRectEmpty
GetCursor
GetFocus
CloseClipboard
ModifyMenuA
DefDlgProcW
ReplyMessage
CloseWindow
GetMenuCheckMarkDimensions
Number of PE resources by type
RT_ICON 7
RT_GROUP_ICON 4
RT_VERSION 1
Number of PE resources by language
MACEDONIAN DEFAULT 6
ENGLISH CARIBBEAN 3
GREEK DEFAULT 3
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 0.207.124.223
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 4419584
EntryPoint 0x56d22
OriginalFileName Phrase.exe
MIMEType application/octet-stream
LegalCopyright Copyright 1994
FileVersion 0.147.134.174
TimeStamp 2005:11:25 02:35:50+01:00
FileType Win32 EXE
PEType PE32
InternalName Penname
FileDescription Radials
OSVersion 4.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Nargus Software
CodeSize 352256
ProductName Recyclable Partnership
ProductVersionNumber 0.142.226.120
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 3053f148dc8e1a5257559695683ded0a
SHA1 996f4161f59d254718d80c6b5a1c4dc9b5356223
SHA256 72b4a28a2389851aaadb6ca57e9d1136eac82c2ac8eb65e97ff8009a052c2630
ssdeep 6144:GUJtRl9lNtusUEbYp7c3lGURSWVZAICByWRc0yQm6BMuiWSaP1imJ1bnQa4A:GUJ1GDEec3lVRrVZZCBlK0btiKdZ1j

authentihash 423902a0c1d50c0c2cdd3133aa7f43be748a85b6f87090c4be93661eb8cd5b99
imphash 0cd16599ace4f3121d7d50035d920d23
File size 388.0 KB ( 397312 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe

VirusTotal metadata
First submission 2015-08-30 17:03:37 UTC ( 3 years, 6 months ago )
Last submission 2015-08-30 17:03:37 UTC ( 3 years, 6 months ago )
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: TROJ_GEN.R0CCC0EHU15.

Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Code injections in the following processes
Opened mutexes
Opened service managers
Runtime DLLs