SHA256: 76d5691895367beafe44aeeaa4b5c7759573d0e6a61a949c3dbb325d60697a48
File name: DfC.exe
Detection ratio: 1 / 56
Analysis date: 2016-05-08 17:48:38 UTC ( 1 year, 5 months ago )
Antivirus Result Update
Qihoo-360 HEUR/QVM09.0.0000.Malware.Gen 20160508
Ad-Aware 20160508
AegisLab 20160508
AhnLab-V3 20160508
Alibaba 20160508
ALYac 20160508
Antiy-AVL 20160508
Arcabit 20160508
Avast 20160508
AVG 20160508
Avira (no cloud) 20160508
AVware 20160508
Baidu 20160506
Baidu-International 20160508
BitDefender 20160508
Bkav 20160506
CAT-QuickHeal 20160507
ClamAV 20160507
CMC 20160506
Comodo 20160508
Cyren 20160508
DrWeb 20160508
Emsisoft 20160503
ESET-NOD32 20160508
F-Prot 20160508
F-Secure 20160508
Fortinet 20160508
GData 20160508
Ikarus 20160508
Jiangmin 20160508
K7AntiVirus 20160508
K7GW 20160508
Kaspersky 20160508
Kingsoft 20160508
Malwarebytes 20160508
McAfee 20160508
McAfee-GW-Edition 20160508
Microsoft 20160508
eScan 20160508
NANO-Antivirus 20160508
nProtect 20160504
Panda 20160508
Rising 20160508
Sophos AV 20160508
SUPERAntiSpyware 20160508
Symantec 20160508
Tencent 20160508
TheHacker 20160508
TrendMicro 20160508
TrendMicro-HouseCall 20160508
VBA32 20160505
VIPRE 20160508
ViRobot 20160508
Yandex 20160508
Zillya 20160508
Zoner 20160508
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-05-08 16:11:16
Entry Point 0x0002CB9A
Number of sections 7
PE sections
PE imports
GetLastError
HeapFree
GetSystemTimeAsFileTime
lstrlenA
LoadLibraryW
FreeLibrary
QueryPerformanceCounter
IsDebuggerPresent
HeapAlloc
GetCurrentProcessId
LoadLibraryExW
MultiByteToWideChar
GetProcAddress
GetProcessHeap
RaiseException
WideCharToMultiByte
GetModuleFileNameW
IsProcessorFeaturePresent
DecodePointer
GetModuleHandleW
VirtualQuery
EncodePointer
GetCurrentThreadId
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
??Bid@locale@std@@QAEIXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
??0_Container_base12@std@@QAE@XZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
??2@YAPAXIABU_DebugHeapTag_t@std@@PADH@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Add_vtordisp2@?$basic_ios@DU?$char_traits@D@std@@@std@@UAEXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_BADOFF@std@@3_JB
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEDD@Z
?width@ios_base@std@@QAE_J_J@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?good@ios_base@std@@QBE_NXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1_Lockit@std@@QAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?_Winerror_map@std@@YAPBDH@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0_Lockit@std@@QAE@H@Z
??0id@locale@std@@QAE@I@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?_Add_vtordisp1@?$basic_istream@DU?$char_traits@D@std@@@std@@UAEXXZ
?_DebugHeapTag_func@std@@YAABU_DebugHeapTag_t@1@XZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Add_vtordisp2@?$basic_ostream@DU?$char_traits@D@std@@@std@@UAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Debug_message@std@@YAXPB_W0I@Z
?flags@ios_base@std@@QBEHXZ
??1_Container_base12@std@@QAE@XZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?uncaught_exception@std@@YA_NXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?width@ios_base@std@@QBE_JXZ
?id@?$codecvt@DDH@std@@2V0locale@2@A
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Syserror_map@std@@YAPBDH@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?_Xbad_alloc@std@@YAXXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
??3@YAXPAXABU_DebugHeapTag_t@std@@PADH@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?_Orphan_all@_Container_base12@std@@QAEXXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Add_vtordisp1@?$basic_ios@DU?$char_traits@D@std@@@std@@UAEXXZ
_purecall
??0bad_cast@std@@QAE@ABV01@@Z
_ctime64_s
fputc
fgetc
??1type_info@@UAE@XZ
__crtTerminateProcess
memset
fclose
_time64
__dllonexit
_calloc_dbg
vsprintf_s
toupper
wcscpy_s
_invoke_watson
fflush
fsetpos
_fmode
_cexit
?terminate@@YAXXZ
ungetc
fabs
??2@YAPAXI@Z
strlen
_lock
_onexit
__initenv
memmove
abs
exit
_XcptFilter
_commode
_CrtSetCheckCount
__setusermatherr
strcpy_s
_initterm_e
??_V@YAXPAX@Z
_amsg_exit
_CxxThrowException
_CrtDbgReportW
_controlfp_s
??1bad_cast@std@@UAE@XZ
_unlock
_crt_debugger_hook
memcmp
??3@YAXPAX@Z
memcpy
_wsplitpath_s
_except_handler4_common
_fseeki64
free
__getmainargs
fgetpos
_initterm
??0exception@std@@QAE@ABV01@@Z
__crtUnhandledException
??0bad_cast@std@@QAE@PBD@Z
memcpy_s
__CxxFrameHandler3
_wmakepath_s
_invalid_parameter
_CRT_RTC_INITW
_lock_file
__crtSetUnhandledExceptionFilter
fwrite
_configthreadlocale
_exit
_unlock_file
strcmp
setvbuf
__set_app_type
?getInstance@TCODRandom@@SAPAV1@XZ
?blit@TCODConsole@@SAXPBV1@HHHHPAV1@HHMM@Z
??0TCODImage@@QAE@PBD@Z
?clear@TCODConsole@@QAEXXZ
?step@TCODLine@@SA_NPAH0@Z
?loadFromFile@TCODZip@@QAEHPBD@Z
?waitForKeypress@TCODConsole@@SA?AUTCOD_key_t@@_N@Z
?walk@TCODPath@@QAE_NPAH0_N@Z
??0TCODPath@@QAE@PBVTCODMap@@M@Z
?putChar@TCODConsole@@QAEXHHHW4TCOD_bkgnd_flag_t@@@Z
?checkForKeypress@TCODConsole@@SA?AUTCOD_key_t@@H@Z
?printRect@TCODConsole@@QAAHHHHHPBDZZ
??0TCODColor@@QAE@XZ
??8TCODColor@@QBE_NABV0@@Z
?getCharBackground@TCODConsole@@QBE?AVTCODColor@@HH@Z
?initRoot@TCODConsole@@SAXHHPBD_NW4TCOD_renderer_t@@@Z
??1TCODRandom@@UAE@XZ
?white@TCODColor@@2V1@B
?flush@TCODConsole@@SAXXZ
?getCharForeground@TCODConsole@@QBE?AVTCODColor@@HH@Z
??0TCODRandom@@QAE@W4TCOD_random_algo_t@@_N@Z
?setAlignment@TCODConsole@@QAEXW4TCOD_alignment_t@@@Z
?blit2x@TCODImage@@QBEXPAVTCODConsole@@HHHHHH@Z
?isFullscreen@TCODConsole@@SA_NXZ
??9TCODColor@@QBE_NABV0@@Z
??1TCODZip@@QAE@XZ
?setProperties@TCODMap@@QAEXHH_N0@Z
?setKeyColor@TCODImage@@QAEXVTCODColor@@@Z
?sleepMilli@TCODSystem@@SAXI@Z
?setDefaultForeground@TCODConsole@@QAEXVTCODColor@@@Z
?getInt@TCODRandom@@QAEHHHH@Z
?root@TCODConsole@@2PAV1@A
?setColorControl@TCODConsole@@SAXW4TCOD_colctrl_t@@ABVTCODColor@@1@Z
??1TCODConsole@@UAE@XZ
?setFullscreen@TCODConsole@@SAX_N@Z
?computeFov@TCODMap@@QAEXHHH_NW4TCOD_fov_algorithm_t@@@Z
?setFps@TCODSystem@@SAXH@Z
?isWindowClosed@TCODConsole@@SA_NXZ
??1TCODNoise@@UAE@XZ
??0TCODConsole@@QAE@HH@Z
?isInFov@TCODMap@@QBE_NHH@Z
?getInt@TCODZip@@QAEHXZ
?setCustomFont@TCODConsole@@SAXPBDHHH@Z
??1TCODPath@@UAE@XZ
?saveScreenshot@TCODSystem@@SAXPBD@Z
??0TCODNoise@@QAE@HMMW4TCOD_noise_type_t@@@Z
?setFade@TCODConsole@@SAXEABVTCODColor@@@Z
?print@TCODConsole@@QAAXHHPBDZZ
?init@TCODLine@@SAXHHHH@Z
?putCharEx@TCODConsole@@QAEXHHHABVTCODColor@@0@Z
??0TCODZip@@QAE@XZ
?saveToFile@TCODZip@@QAEHPBD@Z
??1TCODMap@@UAE@XZ
?putString@TCODZip@@QAEXPBD@Z
?getFbm@TCODNoise@@QAEMPAMMW4TCOD_noise_type_t@@@Z
?black@TCODColor@@2V1@B
??0TCODColor@@QAE@HHH@Z
?printFrame@TCODConsole@@QAAXHHHH_NW4TCOD_bkgnd_flag_t@@PBDZZ
??0TCODMap@@QAE@HH@Z
?putInt@TCODZip@@QAEXH@Z
?setCharForeground@TCODConsole@@QAEXHHABVTCODColor@@@Z
?getLastFrameLength@TCODSystem@@SAMXZ
?compute@TCODPath@@QAE_NHHHH@Z
??1TCODImage@@UAE@XZ
?setDefaultBackground@TCODConsole@@QAEXVTCODColor@@@Z
?lerp@TCODColor@@SA?AV1@ABV1@0M@Z
?setChar@TCODConsole@@QAEXHHH@Z
?getString@TCODZip@@QAEPBDXZ
?setCharBackground@TCODConsole@@QAEXHHABVTCODColor@@W4TCOD_bkgnd_flag_t@@@Z
Number of PE resources by type
RT_ICON 8
RT_MANIFEST 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 10
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2016:05:08 17:11:16+01:00
FileType Win32 EXE
PEType PE32
CodeSize 374272
LinkerVersion 11.0
EntryPoint 0x2cb9a
InitializedDataSize 260608
SubsystemVersion 6.0
ImageVersion 0.0
OSVersion 6.0
UninitializedDataSize 0

Compressed bundles
File identification
MD5 8aa9e3f78597a66c6ae7da581b28dd62
SHA1 764a12764f94d1e8923ea64447bbc92f61bbaa71
SHA256 76d5691895367beafe44aeeaa4b5c7759573d0e6a61a949c3dbb325d60697a48
ssdeep 6144:IiRpBbzt9GYYUGReOYuHQWQOE9Dvg0uLH5drqbh9XuiUbdTKdJL+:IeBb/GYYU4j69Dvg0uLZkGJwL+

authentihash 208fad957b929184570a61e83ea3e9c375fd97ea5fe8ff0f0f32a94a81f68e83
imphash 32fb4ee0302bc662c02b4cec67aaae5c
File size 617.5 KB ( 632320 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe

VirusTotal metadata
First submission 2016-05-08 17:48:38 UTC ( 1 year, 5 months ago )
Last submission 2016-05-08 17:48:38 UTC ( 1 year, 5 months ago )
File names DfC.exe