× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 77ebbad7ff7979c1859064cafbdfa58d6401c969205c132f6fe0236a7ef7870b
File name: ORDER LIST.exe
Detection ratio: 15 / 56
Analysis date: 2016-04-18 13:42:06 UTC ( 1 year, 4 months ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Razy.40696 20160418
ALYac Gen:Variant.Razy.40696 20160418
Arcabit Trojan.Razy.D9EF8 20160418
Baidu Win32.Trojan.WisdomEyes.151026.9950.9988 20160418
BitDefender Gen:Variant.Razy.40696 20160418
Emsisoft Gen:Variant.Razy.40696 (B) 20160418
ESET-NOD32 a variant of MSIL/Kryptik.FVU 20160418
F-Secure Gen:Variant.Razy.40696 20160418
GData Gen:Variant.Razy.40696 20160418
Jiangmin Trojan.Scar.eoq 20160418
Kaspersky UDS:DangerousObject.Multi.Generic 20160418
McAfee-GW-Edition BehavesLike.Win32.Trojan.ch 20160418
eScan Gen:Variant.Razy.40696 20160418
Qihoo-360 HEUR/QVM03.0.Malware.Gen 20160418
Tencent Win32.Trojan.Inject.Auto 20160418
AegisLab 20160418
AhnLab-V3 20160418
Alibaba 20160418
Antiy-AVL 20160418
Avast 20160418
AVG 20160418
Avira (no cloud) 20160418
AVware 20160418
Baidu-International 20160418
Bkav 20160415
CAT-QuickHeal 20160418
ClamAV 20160418
CMC 20160415
Comodo 20160418
Cyren 20160418
DrWeb 20160418
F-Prot 20160418
Fortinet 20160418
Ikarus 20160418
K7AntiVirus 20160418
K7GW 20160418
Kingsoft 20160418
Malwarebytes 20160418
McAfee 20160417
Microsoft 20160418
NANO-Antivirus 20160418
nProtect 20160415
Panda 20160417
Rising 20160418
Sophos AV 20160418
SUPERAntiSpyware 20160418
Symantec 20160418
TheHacker 20160417
TrendMicro 20160418
TrendMicro-HouseCall 20160418
VBA32 20160418
VIPRE 20160418
ViRobot 20160418
Yandex 20160416
Zillya 20160418
Zoner 20160418
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Licensed under the GNU GPL v3.

Product Process Hacker
Original name ORDER LIST.exe
Internal name ORDER LIST.exe
File version 2.38.0.100
Description Process Hacker
Comments Process Hacker
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-04-18 10:20:29
Entry Point 0x000ABBEE
Number of sections 3
.NET details
Module Version ID dacf98b0-51ef-49d5-8c59-3752b6a29e73
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 3
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
Process Hacker

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.38.0.100

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Process Hacker

CharacterSet
Unicode

InitializedDataSize
164352

EntryPoint
0xabbee

OriginalFileName
ORDER LIST.exe

MIMEType
application/octet-stream

LegalCopyright
Licensed under the GNU GPL v3.

FileVersion
2.38.0.100

TimeStamp
2016:04:18 11:20:29+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
ORDER LIST.exe

ProductVersion
2.38.0.100

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Process Hacker

CodeSize
695296

ProductName
Process Hacker

ProductVersionNumber
2.38.0.100

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
2.38.0.100

Compressed bundles
File identification
MD5 3529f9bf2b955873576bb4f28171c38f
SHA1 8a2832908a9036c127426b76cceb4b880c343e96
SHA256 77ebbad7ff7979c1859064cafbdfa58d6401c969205c132f6fe0236a7ef7870b
ssdeep
12288:a8Zwuv5g6hWmuE5TlUzL41CLJ6j3W+SsI7yvcTzYpuNiabhT3L+:afmf5BOsU/yUTkpUbB

authentihash 0292a6ec97a7b8b0fb2221feeb82deed9ca18066d9ca8b2503438e953de5368f
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 840.0 KB ( 860160 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Dynamic Link Library (generic) (38.3%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe assembly

VirusTotal metadata
First submission 2016-04-18 13:42:06 UTC ( 1 year, 4 months ago )
Last submission 2017-01-16 03:58:10 UTC ( 7 months ago )
File names 3529f9bf2b955873576bb4f28171c38f
ORDER LIST.exe
8a2832908a9036c127426b76cceb4b880c343e96.bin
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
HTTP requests
DNS requests
TCP connections
UDP communications