SHA256: 753caf6f00f335cf93d788b9f264f121e31a7a199d136a58c81102f70ec2f0a1
File name: exe.ex
Detection ratio: 34 / 48
Analysis date: 2014-01-15 23:23:42 UTC ( 3 years, 5 months ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.1454285 20140116
AntiVir TR/Dropper.VB.Gen8 20140116
Avast Win32:Malware-gen 20140115
AVG Inject2.LDV 20140115
Baidu-International Trojan.Win32.Zbot.Audr 20131213
BitDefender Trojan.GenericKD.1454285 20140115
Bkav W32.Clod312.Trojan.62a2 20140114
ByteHero Virus.Win32.Heur.p 20140114
CMC Heur.Win32.Veebee.1!O 20140115
DrWeb Trojan.PWS.Panda.2401 20140115
Emsisoft Trojan.GenericKD.1454285 (B) 20140115
ESET-NOD32 a variant of Win32/Injector.ATXO 20140115
F-Secure Trojan.GenericKD.1454285 20140115
Fortinet W32/Zbot.QXFD!tr 20140116
GData Trojan.GenericKD.1454285 20140115
Ikarus Trojan-Spy.Win32.Zbot 20140115
K7AntiVirus Trojan ( 00491a461 ) 20140115
K7GW Trojan ( 00491a461 ) 20140115
Kaspersky Trojan-Spy.Win32.Zbot.qxfd 20140115
Kingsoft Win32.Troj.Zbot.qx.(kcloud) 20130829
Malwarebytes Trojan.LVBP 20140115
McAfee RDN/Generic PWS.y!wm 20140115
McAfee-GW-Edition RDN/Generic PWS.y!wm 20140115
Microsoft VirTool:Win32/VBInject.gen!LG 20140115
eScan Trojan.GenericKD.1454285 20140115
NANO-Antivirus Trojan.Win32.Injector.criynv 20140115
nProtect Trojan.GenericKD.1454285 20140115
Panda Generic Malware 20140115
Rising PE:Malware.XPACK-HIE/Heur!1.9C48 20140115
Sophos Troj/VBInj-GY 20140115
Symantec Trojan.ADH 20140115
TrendMicro TROJ_GEN.R047C0ELN13 20140115
TrendMicro-HouseCall TROJ_GEN.R047C0ELN13 20140115
VIPRE Trojan.Win32.Generic!BT 20140115
Yandex 20140115
Antiy-AVL 20140115
CAT-QuickHeal 20140115
ClamAV 20140115
Commtouch 20140115
Comodo 20140115
F-Prot 20140115
Jiangmin 20140115
Norman 20140115
SUPERAntiSpyware 20140115
TheHacker 20140115
TotalDefense 20140115
VBA32 20140115
ViRobot 20140115
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Texas Instruments Incorporated ®
Publisher DT Soft Ltd.
Product Moneyles meharist birdclap wunsome
Original name Teaselli.exe
Internal name Teaselli
File version 1.00.0006
Description Chronoth sulfamid leadines pontiac
Signature verification The digital signature of the object did not verify.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-12-13 04:32:18
Entry Point 0x00001304
Number of sections 3
PE sections
PE imports
_adj_fdiv_m32
__vbaChkstk
Ord(645)
EVENT_SINK_Release
__vbaEnd
EVENT_SINK_QueryInterface
_allmul
_adj_fdivr_m64
_adj_fprem
Ord(712)
Ord(689)
Ord(525)
_adj_fpatan
EVENT_SINK_AddRef
Ord(677)
_adj_fdiv_m32i
__vbaStrCopy
__vbaExceptHandler
__vbaSetSystemError
__vbaFreeVarList
DllFunctionCall
__vbaFPException
_CIexp
Ord(610)
_adj_fdivr_m16i
Ord(589)
Ord(100)
Ord(606)
__vbaI2Var
__vbaFreeVar
__vbaBoolVarNull
_adj_fprem1
_adj_fdiv_r
Ord(536)
_adj_fdiv_m64
__vbaFreeObj
_CIsin
_CIsqrt
__vbaHresultCheckObj
_CIlog
__vbaLenBstrB
_CIcos
Ord(616)
_adj_fptan
Ord(696)
Ord(593)
__vbaVarCmpNe
__vbaFPInt
__vbaErrorOverflow
_CIatan
__vbaNew2
__vbaLateIdCallLd
_adj_fdivr_m32i
__vbaVarNot
__vbaStrMove
Ord(588)
_adj_fdivr_m32
_CItan
__vbaFpI4
__vbaI2I4
__vbaFreeStr
_adj_fdiv_m16i
Number of PE resources by type
RT_ICON 4
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 5
ENGLISH US 1
PE resources
ExifTool file metadata
LegalTrademarks Texas Instruments Incorporated
FileDescription Chronoth sulfamid leadines pontiac
InitializedDataSize 36864
ImageVersion 1.0
ProductName Moneyles meharist birdclap wunsome
FileVersionNumber 1.0.0.6
LanguageCode English (U.S.)
FileFlagsMask 0x0000
CharacterSet Unicode
LinkerVersion 6.0
OriginalFilename Teaselli.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 1.00.0006
TimeStamp 2013:12:13 05:32:18+01:00
FileType Win32 EXE
PEType PE32
InternalName Teaselli
SubsystemVersion 4.0
FileAccessDate 2013:12:13 10:47:31+01:00
ProductVersion 1.00.0006
UninitializedDataSize 0
OSVersion 4.0
FileCreateDate 2013:12:13 10:47:31+01:00
FileOS Win32
LegalCopyright Texas Instruments Incorporated
MachineType Intel 386 or later, and compatibles
CompanyName DT Soft Ltd.
CodeSize 294912
FileSubtype 0
ProductVersionNumber 1.0.0.6
EntryPoint 0x1304
ObjectFileType Executable application

Compressed bundles
File identification
MD5 125e706081f6d06882a436fc3d352393
SHA1 310d1831368dff400d800e11cbe18a39d1f95c16
SHA256 753caf6f00f335cf93d788b9f264f121e31a7a199d136a58c81102f70ec2f0a1
ssdeep 6144:zh9Bl1dNulRy2DG2HCjfN5zmifElf+TUN9/m0RvRBw5xt:Nl1d8lRy2DHqf6anTUN9O+J6
File size 327.0 KB ( 334865 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable Microsoft Visual Basic 6 (69.4%)
Win64 Executable (generic) (23.3%)
Win32 Executable (generic) (3.8%)
Generic Win/DOS Executable (1.6%)
DOS Executable Generic (1.6%)
Tags peexe
VirusTotal metadata
First submission 2013-12-13 09:41:41 UTC ( 3 years, 6 months ago )
Last submission 2014-01-15 23:23:42 UTC ( 3 years, 5 months ago )
File names file-6336463_scr
exe.ex
Teaselli.exe
Teaselli