SHA256: 7614dbd6fb4b02776fda17b2e385fb49eeccd8f3d990210ce182f84d904784aa
File name: konush7.yarn
Detection ratio: 3 / 67
Analysis date: 2018-04-25 12:56:00 UTC ( 12 months ago )
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9979 20180425
Palo Alto Networks (Known Signatures) generic.ml 20180425
Webroot W32.Trojan.Emotet 20180425
Ad-Aware 20180425
AegisLab 20180425
AhnLab-V3 20180425
Alibaba 20180425
ALYac 20180425
Antiy-AVL 20180418
Arcabit 20180425
Avast 20180425
Avast-Mobile 20180424
AVG 20180425
Avira (no cloud) 20180425
AVware 20180425
BitDefender 20180425
Bkav 20180424
CAT-QuickHeal 20180425
ClamAV 20180425
CMC 20180424
Comodo 20180425
CrowdStrike Falcon (ML) 20180418
Cybereason 20180225
Cylance 20180425
Cyren 20180425
DrWeb 20180425
eGambit 20180425
Emsisoft 20180425
Endgame 20180403
ESET-NOD32 20180425
F-Prot 20180425
F-Secure 20180425
Fortinet 20180425
GData 20180425
Ikarus 20180425
Sophos ML 20180121
Jiangmin 20180425
K7AntiVirus 20180425
K7GW 20180425
Kaspersky 20180425
Kingsoft 20180425
Malwarebytes 20180425
MAX 20180425
McAfee 20180425
McAfee-GW-Edition 20180425
Microsoft 20180424
eScan 20180425
NANO-Antivirus 20180425
nProtect 20180425
Panda 20180425
Qihoo-360 20180425
Rising 20180425
SentinelOne (Static ML) 20180225
Sophos AV 20180425
SUPERAntiSpyware 20180425
Symantec 20180425
Symantec Mobile Insight 20180424
Tencent 20180425
TheHacker 20180425
TotalDefense 20180425
TrendMicro 20180425
TrendMicro-HouseCall 20180425
Trustlook 20180425
VBA32 20180425
VIPRE 20180425
ViRobot 20180425
Yandex 20180425
Zillya 20180425
ZoneAlarm by Check Point 20180425
Zoner 20180425
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product Swim Differ
Original name Swim Differ.exe
Description Swim Differ
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-04-24 16:45:46
Entry Point 0x001A370D
Number of sections 4
PE sections
PE imports
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyW
RegDeleteKeyW
RegQueryValueExW
ImageList_GetImageCount
ImageList_Destroy
ImageList_AddMasked
ImageList_SetBkColor
ImageList_GetIconSize
ImageList_Remove
ImageList_SetIconSize
GetSaveFileNameW
ReplaceTextW
GetFileTitleW
GetOpenFileNameW
GetTextMetricsW
SetMapMode
GetWindowOrgEx
GetPaletteEntries
CombineRgn
GetViewportOrgEx
GetObjectType
GetBoundsRect
SetLayout
SetPixel
DeleteObject
SetPaletteEntries
OffsetWindowOrgEx
CreateEllipticRgn
GetTextFaceW
CreatePalette
CreateDIBitmap
SetTextAlign
StretchBlt
ScaleViewportExtEx
SetWindowExtEx
SetBkColor
GetBkColor
SetRectRgn
MoveToEx
GetTextCharsetInfo
TextOutW
CreateFontIndirectW
OffsetRgn
CreateRectRgnIndirect
LPtoDP
GetPixel
GetLayout
ExcludeClipRect
OffsetViewportOrgEx
SetBkMode
EnumFontFamiliesW
PtInRegion
BitBlt
FillRgn
FrameRgn
ScaleWindowExtEx
PtVisible
ExtSelectClipRgn
SelectPalette
SetROP2
GetNearestPaletteIndex
SetDIBColorTable
GetTextColor
Escape
SetViewportExtEx
GetWindowExtEx
PatBlt
CreatePen
GetClipBox
Rectangle
GetDeviceCaps
LineTo
DeleteDC
GetSystemPaletteEntries
GetObjectW
CreateDCW
RealizePalette
CreateHatchBrush
CreatePatternBrush
ExtTextOutW
IntersectClipRect
CreateBitmap
RectVisible
GetStockObject
SelectClipRgn
SetWindowOrgEx
GetViewportExtEx
GetTextExtentPoint32W
CreatePolygonRgn
Polygon
GetRgnBox
SaveDC
RestoreDC
CreateDIBSection
SetTextColor
ExtFloodFill
SetPixelV
EnumFontFamiliesExW
SetViewportOrgEx
CreateRoundRectRgn
CreateCompatibleDC
CreateRectRgn
SelectObject
SetPolyFillMode
CopyMetaFileW
Ellipse
CreateSolidBrush
Polyline
DPtoLP
CreateCompatibleBitmap
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmNotifyIME
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
ImmGetCompositionStringW
GetStdHandle
FileTimeToSystemTime
DeactivateActCtx
WaitForSingleObject
EncodePointer
GetFileAttributesW
lstrcmpW
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
UnhandledExceptionFilter
LoadLibraryExW
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetFileTime
GetCPInfo
GetProcAddress
InterlockedExchange
WriteFile
FormatMessageW
GetSystemTimeAsFileTime
ReleaseActCtx
HeapReAlloc
GetStringTypeW
FreeLibrary
LocalFree
GetProfileIntW
ResumeThread
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
InterlockedDecrement
GetFullPathNameW
SetLastError
GetUserDefaultUILanguage
GlobalFindAtomW
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
HeapSetInformation
EnumSystemLocalesA
SetThreadPriority
ActivateActCtx
GetVolumeInformationW
TlsGetValue
MultiByteToWideChar
GlobalAddAtomW
CreateThread
GetSystemDirectoryW
SetUnhandledExceptionFilter
MulDiv
IsProcessorFeaturePresent
ExitThread
DecodePointer
SetEnvironmentVariableA
TerminateProcess
SearchPathW
VirtualQuery
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
GetNumberFormatW
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetLastError
GetVersionExW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
lstrcmpiW
RtlUnwind
CopyFileW
GlobalSize
UnlockFile
GetWindowsDirectoryW
GetFileSize
GlobalDeleteAtom
GetStartupInfoW
GetUserDefaultLCID
GetTempFileNameW
CompareStringW
lstrcpyW
GetFileSizeEx
GlobalReAlloc
lstrcmpA
FindFirstFileW
IsValidLocale
DuplicateHandle
GlobalLock
GlobalAlloc
GetTempPathW
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
HeapAlloc
InterlockedIncrement
GlobalGetAtomNameW
LocalReAlloc
LCMapStringW
GetSystemInfo
lstrlenA
GlobalFree
GetConsoleCP
FindResourceW
GetEnvironmentStringsW
GlobalUnlock
LockFile
lstrlenW
FileTimeToLocalFileTime
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
GetCommandLineW
HeapQueryInformation
WideCharToMultiByte
HeapSize
RaiseException
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
GetACP
GetModuleHandleW
FreeResource
GetFileAttributesExW
IsValidCodePage
HeapCreate
FindResourceExW
Sleep
VirtualAlloc
TransparentBlt
AlphaBlend
AccessibleObjectFromPoint
GetOleaccVersionInfo
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
VariantChangeType
VariantTimeToSystemTime
SysStringLen
SystemTimeToVariantTime
VarBstrFromDate
SysAllocStringLen
VariantClear
SysAllocString
SysFreeString
VariantInit
DragQueryFileW
DragFinish
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHAppBarMessage
SHGetFileInfoW
SHGetDesktopFolder
SHBrowseForFolderW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW
RedrawWindow
GetForegroundWindow
SetWindowRgn
SetMenuItemBitmaps
LoadBitmapW
SetRectEmpty
EnableScrollBar
DestroyMenu
PostQuitMessage
GetMessagePos
DrawStateW
SetWindowPos
GetNextDlgTabItem
IsWindow
GrayStringW
ClientToScreen
EndDialog
WindowFromPoint
IntersectRect
GetMessageTime
SetActiveWindow
GetMenuItemID
GetCursorPos
MapDialogRect
GetDlgCtrlID
GetMenu
GetMenuStringW
IsWindowEnabled
GetClassInfoW
CreateAcceleratorTableW
DefMDIChildProcW
DrawTextW
SetScrollPos
CallNextHookEx
IsClipboardFormatAvailable
LoadImageW
GetKeyboardState
GetTopWindow
CopyAcceleratorTableW
MapVirtualKeyExW
LockWindowUpdate
GetWindowTextLengthW
LoadAcceleratorsW
ScrollWindow
CopyImage
DestroyWindow
DrawEdge
GetParent
UpdateWindow
GetPropW
EqualRect
SetClassLongW
ShowScrollBar
GetMenuState
GetWindowTextW
GetMessageW
ShowWindow
DrawFrameControl
GetNextDlgGroupItem
SetPropW
ValidateRect
PeekMessageW
TranslateMDISysAccel
EnableWindow
SetWindowPlacement
CharUpperW
GetSystemMenu
TranslateMessage
GetAsyncKeyState
GetWindow
GetMenuDefaultItem
GetDlgItemInt
RegisterClassW
GetIconInfo
SetParent
SetClipboardData
IsZoomed
GetWindowPlacement
DrawMenuBar
IsCharLowerW
EnableMenuItem
InvertRect
GetSubMenu
CreateMenu
UnhookWinEvent
GetActiveWindow
IsDialogMessageW
FillRect
MonitorFromPoint
CopyRect
DeferWindowPos
RealChildWindowFromPoint
CreateWindowExW
TabbedTextOutW
GetWindowLongW
GetUpdateRect
OpenClipboard
IsChild
MapWindowPoints
RegisterWindowMessageW
GetMonitorInfoW
ReleaseCapture
IsIconic
BeginPaint
OffsetRect
DefWindowProcW
GetScrollPos
CopyIcon
KillTimer
MapVirtualKeyW
CheckMenuRadioItem
GetClassInfoExW
ToUnicodeEx
SendDlgItemMessageA
GetSystemMetrics
SetWindowLongW
SetScrollRange
GetWindowRect
InflateRect
SetMenuDefaultItem
SetCapture
DrawIcon
EnumChildWindows
GetScrollRange
ShowOwnedPopups
SendDlgItemMessageW
PostMessageW
InvalidateRect
CheckDlgButton
WaitMessage
CreatePopupMenu
CheckMenuItem
DrawFocusRect
GetClassLongW
GetLastActivePopup
PtInRect
DrawIconEx
CharUpperBuffW
SetWindowTextW
SetTimer
GetDlgItem
RemovePropW
SetCursor
BringWindowToTop
ScreenToClient
TrackPopupMenu
PostThreadMessageW
GetMenuItemCount
DestroyAcceleratorTable
GetDesktopWindow
SetWindowsHookExW
LoadCursorW
LoadIconW
ReuseDDElParam
GetDC
InsertMenuW
SetForegroundWindow
GetClientRect
NotifyWinEvent
SetFocus
GetMenuItemInfoW
EmptyClipboard
EndPaint
CreateDialogIndirectParamW
ReleaseDC
DrawTextExW
SetLayeredWindowAttributes
GetScrollInfo
HideCaret
GetKeyboardLayout
FindWindowW
GetCapture
MessageBeep
LoadMenuW
RemoveMenu
GetWindowThreadProcessId
GetSysColorBrush
BeginDeferWindowPos
MessageBoxW
SendMessageW
RegisterClassExW
SetMenu
MoveWindow
SetDlgItemInt
AppendMenuW
GetWindowDC
DestroyCursor
AdjustWindowRectEx
GetSysColor
DispatchMessageW
RegisterClipboardFormatW
SetScrollInfo
GetKeyState
EndDeferWindowPos
GetWindowRgn
UpdateLayeredWindow
GetDoubleClickTime
DestroyIcon
EnumDisplayMonitors
DefFrameProcW
IsWindowVisible
WinHelpW
SubtractRect
UnpackDDElParam
SetCursorPos
SystemParametersInfoW
UnionRect
MonitorFromWindow
FrameRect
SetRect
DeleteMenu
GetKeyNameTextW
CallWindowProcW
GetClassNameW
ModifyMenuW
IsRectEmpty
IsMenu
GetFocus
InsertMenuItemW
CloseClipboard
TranslateAcceleratorW
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
timeEndPeriod
PlaySoundW
mciSendCommandW
timeBeginPeriod
mciGetErrorStringW
DocumentPropertiesW
ClosePrinter
OpenPrinterW
GdipBitmapLockBits
GdipGetImagePixelFormat
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipGetImagePalette
GdipDisposeImage
GdipBitmapUnlockBits
GdiplusStartup
GdipDeleteGraphics
GdipCreateBitmapFromStream
GdipCreateFromHDC
GdipGetImageWidth
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdipGetImagePaletteSize
GdipDrawImageI
GdipDrawImageRectI
GdipSetInterpolationMode
GdipFree
GdipGetImageHeight
GdipCloneImage
GdipGetImageGraphicsContext
CreateStreamOnHGlobal
OleLockRunning
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoInitializeEx
IsAccelerator
OleTranslateAccelerator
OleCreateMenuDescriptor
CoLockObjectExternal
OleDestroyMenuDescriptor
DoDragDrop
ReleaseStgMedium
CoUninitialize
RevokeDragDrop
OleGetClipboard
OleDuplicateData
CoTaskMemFree
RegisterDragDrop
Number of PE resources by type
RT_DIALOG 11
RT_ICON 9
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 23
PE resources
Debug information
ExifTool file metadata
CodeSize 1878528
SubsystemVersion 5.1
LinkerVersion 10.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 5.0.6882.3333
LanguageCode English (U.S.)
FileFlagsMask 0x0000
FileDescription Swim Differ
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 744448
EntryPoint 0x1a370d
OriginalFileName Swim Differ.exe
MIMEType application/octet-stream
TimeStamp 2011:04:24 17:45:46+01:00
FileType Win32 EXE
PEType PE32
ProductVersion 5, 0, 6882, 3333
UninitializedDataSize 0
OSVersion 5.1
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Colonyoff Motion
LegalTrademarks Swim Differ
ProductName Swim Differ
ProductVersionNumber 5.0.6882.3333
FileTypeExtension exe
ObjectFileType Executable application

PCAP parents
File identification
MD5 8e29fa5f88ea28e36893f0b82b4d75e3
SHA1 220c38a509a2f0e62b279ad4f140e0aed79f2816
SHA256 7614dbd6fb4b02776fda17b2e385fb49eeccd8f3d990210ce182f84d904784aa
ssdeep 49152:ezmHfkHpVv5b3i55pJU9f6RjcVbze5ZCEYNqwoNCpV6DDoca0B8P07erW6I:dHE5u5xU9fAcVba58EYNqwoEpVYo0B6B
authentihash 7ad0635b27bd5bb4e426078b7878695eaba5dfe108b639fd718d5b5ebbf70b5e
imphash efff1feaf8101468e02ae7d6484b77f9
File size 2.4 MB ( 2561024 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (35.0%)
Win64 Executable (generic) (31.0%)
Windows screen saver (14.7%)
Win32 Dynamic Link Library (generic) (7.3%)
Win32 Executable (generic) (5.0%)
Tags peexe
VirusTotal metadata
First submission 2018-04-25 12:56:00 UTC ( 12 months ago )
Last submission 2018-09-10 06:38:32 UTC ( 7 months, 2 weeks ago )
File names konush4.yarn
testv.phplkonush8.yarn.exe
7614dbd6fb4b02776fda17b2e385fb49eeccd8f3d990210ce182f84d904784aa-109862.bin
Swim Differ.exe
testv.phplkonush8.yarn.exe
4.exe
konush6.yarn
konush9.yarn
konush8.yarn
konush10.yarn
konush7.yarn
irlashka2.yarn
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Written files
Runtime DLLs