SHA256: 7703156e32c58fcec4736224e60c8dd45058dd204027c5b43d10d6718a622115
File name: MtGox
Detection ratio: 39 / 57
Analysis date: 2015-03-05 03:36:55 UTC ( 5 months, 3 weeks ago )
Antivirus Result Update
ALYac Trojan.GenericKD.1601018 20150305
AVG PSW.Generic12.AFIO 20150305
AVware Trojan.Win32.Generic!BT 20150305
Ad-Aware Trojan.GenericKD.1601018 20150305
Agnitum Trojan.PWS.CoinStealer! 20150228
AhnLab-V3 Trojan/Win32.CoinStealer 20150305
Antiy-AVL Trojan/Win32.CoinStealer 20150304
Baidu-International Trojan.Win32.CoinStealer.i 20150304
BitDefender Trojan.GenericKD.1601018 20150305
CAT-QuickHeal Trojan.CoinMiner.g5 20150305
Comodo TrojWare.Win32.CoinStealer.~IA 20150305
Cyren W32/Trojan.MRRO-3319 20150305
DrWeb Trojan.Coinstealer.1 20150305
ESET-NOD32 Win32/PSW.CoinStealer.D 20150305
Emsisoft Trojan.GenericKD.1601018 (B) 20150305
F-Secure Trojan.GenericKD.1601018 20150305
Fortinet W32/CoinStealer.D!tr.pws 20150305
GData Trojan.GenericKD.1601018 20150305
Ikarus Trojan.Agent 20150304
K7AntiVirus Password-Stealer ( 00496b521 ) 20150304
K7GW Password-Stealer ( 00496b521 ) 20150305
Kaspersky Trojan.Win32.CoinStealer.i 20150305
Kingsoft Win32.PSWTroj.Undef.(kcloud) 20150305
Malwarebytes Trojan.CoinStealer 20150305
McAfee Artemis!C4E99FDCD40B 20150305
McAfee-GW-Edition BehavesLike.Win32.Trojan.rc 20150305
MicroWorld-eScan Trojan.GenericKD.1601018 20150305
Microsoft Trojan:Win32/CoinMiner.Z 20150305
Norman Suspicious_Gen5.ANBOQ 20150304
Panda Trj/CI.A 20150304
Qihoo-360 Win32/Trojan.960 20150305
Sophos Troj/BitSteal-A 20150305
Symantec Trojan.Coinstealer 20150305
Tencent Win32.Trojan.Gen.Cwxd 20150305
TrendMicro TSPY_COINSTEAL.B 20150305
TrendMicro-HouseCall TSPY_COINSTEAL.B 20150305
VBA32 Trojan.CoinStealer 20150304
VIPRE Trojan.Win32.Generic!BT 20150305
nProtect Trojan/W32.CoinStealer.4476928 20150304
AegisLab 20150305
Alibaba 20150305
Avast 20150305
Avira 20150305
Bkav 20150304
ByteHero 20150305
CMC 20150304
ClamAV 20150304
F-Prot 20150305
Jiangmin 20150304
NANO-Antivirus 20150305
Rising 20150304
SUPERAntiSpyware 20150305
TheHacker 20150303
TotalDefense 20150305
ViRobot 20150305
Zillya 20150303
Zoner 20150303
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright 2012 All rights reserved worldwide
Publisher Tibanne Co. Ltd.
Product MtGox - Tibanne Co. Ltd.
Original name MtGox
Internal name MtGox
File version 1.0.1.0
Description MtGox
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-10-10 14:18:16
Link date 3:18 PM 10/10/2011
Entry Point 0x001675A1
Number of sections 5
PE sections
PE imports
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyExA
RegQueryInfoKeyA
PrintDlgA
PageSetupDlgA
GetOpenFileNameA
ChooseColorA
CommDlgExtendedError
PrintDlgExA
GetSaveFileNameA
CertEnumCertificatesInStore
CertVerifyCRLTimeValidity
CertCloseStore
CertEnumCRLsInStore
CertOpenSystemStoreW
CertVerifyTimeValidity
PolyPolyline
SetMapMode
GetWindowOrgEx
CreateMetaFileA
PlayEnhMetaFileRecord
GetEnhMetaFileBits
GetTextMetricsA
CombineRgn
GetObjectType
EndDoc
DeleteObject
GetTextFaceA
CreateDIBitmap
ExtCreateRegion
SetTextAlign
GetDCOrgEx
StretchBlt
StretchDIBits
Pie
SetWindowExtEx
Arc
WidenPath
ExtCreatePen
SetBkColor
SetWinMetaFileBits
SetRectRgn
DeleteEnhMetaFile
TextOutW
CreateFontIndirectW
OffsetRgn
TextOutA
CreateFontIndirectA
CreateRectRgnIndirect
EndPath
CloseMetaFile
TranslateCharsetInfo
SetBkMode
GetRegionData
BitBlt
EnumFontFamiliesA
GetDeviceCaps
CreateEnhMetaFileW
CreateBrushIndirect
CreateEnhMetaFileA
ExtSelectClipRgn
CloseEnhMetaFile
SetROP2
EndPage
SetDIBitsToDevice
BeginPath
SetViewportExtEx
LPtoDP
GetWindowExtEx
SetStretchBltMode
Rectangle
GetObjectA
CreateDCA
LineTo
DeleteDC
StartPage
GetObjectW
CreatePatternBrush
SetEnhMetaFileBits
CreateBitmap
GetStockObject
PlayEnhMetaFile
UnrealizeObject
GdiFlush
SelectClipRgn
RoundRect
ExtEscape
GetTextExtentPoint32A
GetEnhMetaFileHeader
SetWindowOrgEx
GetTextExtentPoint32W
MaskBlt
CreateICA
Polygon
GetRgnBox
SaveDC
GetTextCharset
EnumEnhMetaFile
RestoreDC
SelectClipPath
CreateDIBSection
SetTextColor
GetClipBox
MoveToEx
SetViewportOrgEx
CreateCompatibleDC
GetCharWidth32A
SetBrushOrgEx
CreateRectRgn
SelectObject
StartDocA
Ellipse
CreateSolidBrush
Polyline
AbortDoc
CreateCompatibleBitmap
DeleteMetaFile
ImmSetCompositionWindow
ImmNotifyIME
ImmGetCompositionStringA
ImmGetContext
ImmGetProperty
ImmSetCandidateWindow
ImmReleaseContext
ImmGetCompositionStringW
GetNetworkParams
GetAdaptersInfo
CreateFiberEx
SwitchToFiber
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
DeleteFiber
GetDriveTypeA
FindNextFileA
HeapDestroy
GetFileAttributesW
GetExitCodeProcess
GetStdHandle
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryA
GetConsoleMode
GetLocaleInfoA
SetFilePointer
SetErrorMode
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
IsDBCSLeadByteEx
GetTempPathA
GetCPInfo
GetProcAddress
GetStringTypeA
GetDiskFreeSpaceW
WriteFile
WaitForSingleObject
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetFileAttributesA
SetEvent
MoveFileA
ResumeThread
GetLogicalDriveStringsA
InitializeCriticalSection
FindClose
InterlockedDecrement
SetLastError
PeekNamedPipe
OpenThread
GetNamedPipeInfo
Beep
IsDebuggerPresent
HeapAlloc
FlushFileBuffers
GetModuleFileNameA
EnumSystemLocalesA
LoadLibraryExA
SetConsoleCtrlHandler
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
CreateMutexA
CreateEventW
CreateThread
SetEnvironmentVariableW
CreatePipe
SetUnhandledExceptionFilter
MulDiv
GetSystemDirectoryA
SetHandleInformation
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
SetCurrentDirectoryA
WriteConsoleW
CloseHandle
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
ExitThread
FreeLibrary
GlobalSize
GetStartupInfoA
GetFileSize
OpenProcess
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetFullPathNameA
GetUserDefaultLCID
GetProcessHeap
CompareStringW
GlobalReAlloc
GetFileInformationByHandle
FindNextFileW
lstrcpyA
GetProfileStringA
CompareStringA
CreateFileMappingA
FindFirstFileW
IsValidLocale
DuplicateHandle
GlobalLock
SetCommTimeouts
GetTimeZoneInformation
SetCommState
ConvertThreadToFiber
CopyFileA
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
BuildCommDCBA
GetLastError
LCMapStringW
HeapCreate
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
GlobalUnlock
GetCommState
RemoveDirectoryA
GetShortPathNameA
FileTimeToLocalFileTime
GetEnvironmentStrings
GetCurrentProcessId
WideCharToMultiByte
HeapSize
GetCommandLineA
RaiseException
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
FindFirstFileA
GetACP
GetModuleHandleW
CreateProcessA
IsValidCodePage
UnmapViewOfFile
VirtualFree
Sleep
SetThreadPriority
VirtualAlloc
ResetEvent
AlphaBlend
VariantChangeType
SysAllocStringLen
VariantClear
VariantInit
SysStringLen
UuidToStringA
RpcStringFreeA
ShellExecuteExA
SHBrowseForFolderA
SHGetSpecialFolderLocation
DragQueryFileA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
Shell_NotifyIconA
RedrawWindow
SetWindowRgn
SetWindowPos
DispatchMessageA
EndPaint
ScrollWindowEx
WindowFromPoint
GetMessageTime
SetActiveWindow
DispatchMessageW
GetAsyncKeyState
ReleaseDC
SendMessageA
GetClientRect
GetKeyboardState
ClientToScreen
GetActiveWindow
GetUpdateRgn
MsgWaitForMultipleObjects
GetMenuItemInfoA
InvalidateRgn
DestroyWindow
GetMessageA
GetParent
UpdateWindow
ShowWindow
GetClipboardFormatNameA
PeekMessageW
EnableWindow
PeekMessageA
TranslateMessage
GetWindow
InsertMenuItemA
SetParent
RegisterClassW
GetWindowPlacement
IsIconic
RegisterClassA
GetWindowLongA
CreateWindowExA
GetKeyboardLayout
FillRect
DeferWindowPos
IsWindowUnicode
CreateWindowExW
GetWindowLongW
SetFocus
PostMessageA
BeginPaint
OffsetRect
DefWindowProcW
KillTimer
RegisterWindowMessageA
DefWindowProcA
GetSystemMetrics
SetWindowLongW
GetWindowRect
SetCapture
ReleaseCapture
SetWindowLongA
CreatePopupMenu
SetWindowTextW
ScreenToClient
FindWindowExA
LoadCursorA
LoadIconA
TrackPopupMenu
PostThreadMessageW
GetMenuItemCount
GetDesktopWindow
GetSystemMenu
GetDC
SetForegroundWindow
PostThreadMessageA
GetCursorPos
GetCaretBlinkTime
IntersectRect
SetLayeredWindowAttributes
CreateIconIndirect
FindWindowA
MessageBeep
BeginDeferWindowPos
RegisterClipboardFormatA
MoveWindow
MessageBoxA
AdjustWindowRectEx
GetKeyState
EndDeferWindowPos
SystemParametersInfoA
UpdateLayeredWindow
GetDoubleClickTime
DestroyIcon
IsWindowVisible
SetCursorPos
SetRect
InvalidateRect
wsprintfA
SendMessageTimeoutA
SetWindowTextA
EnableMenuItem
GetFocus
SetCursor
ScriptPlace
ScriptBreak
ScriptStringAnalyse
ScriptFreeCache
ScriptShape
ScriptStringOut
ScriptItemize
ScriptLayout
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
timeKillEvent
waveOutSetVolume
waveOutReset
waveOutOpen
waveOutClose
waveOutUnprepareHeader
timeSetEvent
timeGetTime
timeEndPeriod
waveOutPrepareHeader
mciGetErrorStringA
waveOutGetVolume
waveOutWrite
mciSendCommandA
mciSendStringA
timeBeginPeriod
EnumPrintersA
OpenPrinterA
Ord(203)
DocumentPropertiesA
DeviceCapabilitiesA
Ord(201)
ClosePrinter
htonl
accept
ioctlsocket
WSAStartup
connect
getsockname
htons
inet_ntoa
select
gethostname
closesocket
inet_addr
send
getservbyport
ntohs
WSAGetLastError
gethostbyaddr
listen
__WSAFDIsSet
WSAAsyncSelect
gethostbyname
WSASetLastError
recv
WSAIoctl
setsockopt
socket
getpeername
bind
recvfrom
sendto
getservbyname
CloseColorProfile
OpenColorProfileA
DeleteColorTransform
CreateMultiProfileTransform
GetColorProfileHeader
TranslateBitmapBits
ProgIDFromCLSID
CoCreateInstance
CLSIDFromProgID
OleInitialize
OleFlushClipboard
ReleaseStgMedium
CoCreateGuid
RegisterDragDrop
CoLockObjectExternal
OleUninitialize
DoDragDrop
RevokeDragDrop
OleGetClipboard
OleIsCurrentClipboard
CoTaskMemFree
OleSetClipboard
Number of PE resources by type
RT_ICON 2
RT_GROUP_ICON 2
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 6
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.0.1.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 2711552
FileOS Windows NT 32-bit
MIMEType application/octet-stream
LegalCopyright 2012 All rights reserved worldwide
FileVersion 1.0.1.0
TimeStamp 2011:10:10 15:18:16+01:00
FileType Win32 EXE
PEType PE32
InternalName MtGox
ProductVersion 1.0.1.0
FileDescription MtGox
OSVersion 4.0
OriginalFilename MtGox
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Tibanne Co. Ltd.
CodeSize 1843200
ProductName MtGox - Tibanne Co. Ltd.
ProductVersionNumber 1.0.1.0
EntryPoint 0x1675a1
ObjectFileType Executable application

Compressed bundles
File identification
MD5 c4e99fdcd40bee6eb6ce85167969348d
SHA1 08b56c1c344381c9b7172621f502f1b7762edc61
SHA256 7703156e32c58fcec4736224e60c8dd45058dd204027c5b43d10d6718a622115
ssdeep 98304:U2K1H3AU3aWjyk56eavnAWsyib8tPacyxAiefJH1p:QlAGJx+1iSyf6H1p
authentihash 28de61ef7eff3908b95614187db8c96deeb113eedf77f8a825c58977d6a27ca1
imphash b73bc4d1d2276fe9b5e34ce01c3d1f0a
File size 4.3 MB ( 4476928 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID InstallShield setup (42.0%)
Win32 Executable MS Visual C++ (generic) (30.4%)
Windows Screen Saver (12.7%)
Win32 Dynamic Link Library (generic) (6.4%)
Win32 Executable (generic) (4.3%)
Tags peexe via-tor

VirusTotal metadata
First submission 2014-03-09 17:04:36 UTC ( 1 year, 5 months ago )
Last submission 2014-05-27 07:14:28 UTC ( 1 year, 3 months ago )
File names file-6703437_exe
MtGox
C4E99FDCD40BEE6EB6CE85167969348D.fil
TibanneBackOffice.exe
TibanneBackOffice.exe.bak
TibanneSocket.exe
08b56c1c344381c9b7172621f502f1b7762edc61
vti-rescan
TibanneSocket.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight