× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 77e67dc61967b0e9ee021e159cdb7996f9110f93aba822135ce023d8f23e769b
File name: codexgigas_38b0ae8aac24add093eab2b2d08f03b9b9660d4d
Detection ratio: 12 / 66
Analysis date: 2018-05-28 21:01:40 UTC ( 8 months, 3 weeks ago )
Antivirus Result Update
Avast FileRepMalware 20180528
AVG FileRepMalware 20180528
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180528
Cylance Unsafe 20180528
Endgame malicious (high confidence) 20180507
Fortinet W32/GenKryptik.CAUA!tr 20180528
McAfee Artemis!029F511013A2 20180528
McAfee-GW-Edition Artemis 20180528
Palo Alto Networks (Known Signatures) generic.ml 20180528
Qihoo-360 HEUR/QVM20.1.7801.Malware.Gen 20180528
Sophos AV Mal/EncPk-ANX 20180528
Symantec ML.Attribute.HighConfidence 20180528
Ad-Aware 20180528
AegisLab 20180528
AhnLab-V3 20180528
Alibaba 20180528
ALYac 20180528
Antiy-AVL 20180528
Arcabit 20180528
Avast-Mobile 20180527
Avira (no cloud) 20180528
AVware 20180528
Babable 20180406
BitDefender 20180528
Bkav 20180528
CAT-QuickHeal 20180528
ClamAV 20180528
CMC 20180528
Comodo 20180528
CrowdStrike Falcon (ML) 20180202
Cybereason None
Cyren 20180528
DrWeb 20180528
eGambit 20180528
Emsisoft 20180528
ESET-NOD32 20180528
F-Prot 20180528
F-Secure 20180528
GData 20180528
Ikarus 20180528
Sophos ML 20180503
Jiangmin 20180528
K7AntiVirus 20180528
K7GW 20180528
Kaspersky 20180528
Kingsoft 20180528
Malwarebytes 20180528
MAX 20180528
Microsoft 20180528
eScan 20180528
NANO-Antivirus 20180528
nProtect 20180528
Panda 20180528
Rising 20180528
SentinelOne (Static ML) 20180225
SUPERAntiSpyware 20180528
Symantec Mobile Insight 20180525
Tencent 20180528
TheHacker 20180524
TotalDefense 20180528
TrendMicro 20180528
TrendMicro-HouseCall 20180528
Trustlook 20180528
VBA32 20180528
VIPRE 20180528
ViRobot 20180528
Webroot 20180528
Yandex 20180528
Zillya 20180528
ZoneAlarm by Check Point 20180528
Zoner 20180528
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-05-28 17:10:43
Entry Point 0x0000143D
Number of sections 5
PE sections
PE imports
DeregisterEventSource
RegQueryReflectionKey
JetInit2
GetTextColor
GetFontLanguageInfo
GetNearestColor
GetCurrentPositionEx
GetCurrentProcess
TerminateProcess
GetProcessAffinityMask
GetCurrentConsoleFont
ReadFileEx
GetCommandLineA
ToUnicodeEx
IsDlgButtonChecked
ToAscii
GetPhysicalCursorPos
GetCaretPos
GetMenuDefaultItem
Number of PE resources by type
RT_STRING 6
RT_DIALOG 1
Number of PE resources by language
NEUTRAL 7
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2018:05:28 18:10:43+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
12288

LinkerVersion
15.0

EntryPoint
0x143d

InitializedDataSize
0

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
135168

File identification
MD5 029f511013a2ba6546b6d9cd21bcf531
SHA1 38b0ae8aac24add093eab2b2d08f03b9b9660d4d
SHA256 77e67dc61967b0e9ee021e159cdb7996f9110f93aba822135ce023d8f23e769b
ssdeep
3072:UrU3HLGRrKX2lvcTmDykyEETxcTz+5i0:p3LCNlET2mEucX+

authentihash d288c18e122b6affe9d75e59c90db231194c1b136c3369f36c3465839274b25e
imphash 6c063e5712386e0e721cab30e69a294d
File size 168.0 KB ( 172032 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-05-28 21:01:40 UTC ( 8 months, 3 weeks ago )
Last submission 2018-05-28 21:01:40 UTC ( 8 months, 3 weeks ago )
File names codexgigas_38b0ae8aac24add093eab2b2d08f03b9b9660d4d
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!