× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 79c790d8295e40193a66e919159753bf824a8b4544a48a818f355deb6ce1a7d7
File name: StudentScore
Detection ratio: 44 / 55
Analysis date: 2015-05-01 20:05:31 UTC ( 3 years, 8 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Kazy.536819 20150503
Yandex TrojanSpy.Zbot!eFfRhvT0qyc 20150502
AhnLab-V3 Trojan/Win32.MDA 20150502
ALYac Trojan.GenericKD.2084858 20150503
Antiy-AVL Trojan/Win32.Inject 20150502
Avast Win32:Agent-AVVO [Trj] 20150503
AVG Inject2.BLLZ 20150503
AVware Trojan.Win32.Generic!BT 20150503
Baidu-International Trojan.Win32.Zbot.uvly 20150502
BitDefender Gen:Variant.Kazy.536819 20150503
CAT-QuickHeal TrojanPWS.Zbot.AP4 20150502
ClamAV Win.Trojan.Generickd-2014 20150503
Comodo UnclassifiedMalware 20150502
Cyren W32/Trojan.LKOO-8625 20150503
DrWeb Trojan.DownLoader6.4624 20150503
Emsisoft Gen:Variant.Kazy.536819 (B) 20150503
ESET-NOD32 a variant of Win32/Injector.BRTR 20150503
F-Prot W32/Trojan3.NDF 20150503
F-Secure Trojan.Generic.12534560 20150503
Fortinet W32/Zbot.UVLY!tr 20150503
GData Gen:Variant.Kazy.536819 20150503
Ikarus Trojan.VB.Injector 20150502
Jiangmin TrojanSpy.Zbot.hnke 20150430
K7AntiVirus Trojan ( 004b2d2b1 ) 20150503
K7GW Trojan ( 004b2d2b1 ) 20150502
Kaspersky HEUR:Trojan.Win32.Generic 20150503
McAfee Generic-FAVX!FA09B4082738 20150503
McAfee-GW-Edition Generic-FAVX!FA09B4082738 20150503
Microsoft VirTool:Win32/CeeInject.gen!KK 20150503
eScan Gen:Variant.Kazy.536819 20150503
NANO-Antivirus Trojan.Win32.Zbot.dmljcw 20150503
Norman ZBot.XQYP 20150502
nProtect Trojan.GenericKD.2084858 20150430
Panda Trj/Genetic.gen 20150502
Sophos AV Mal/Zbot-SX 20150503
Symantec Trojan.Zbot 20150503
Tencent Trojan.Win32.Qudamah.Gen.6 20150503
TheHacker Trojan/Injector.brtr 20150502
TotalDefense Win32/Zbot.CAcMZXC 20150430
TrendMicro TROJ_GEN.R021C0DAI15 20150503
TrendMicro-HouseCall TROJ_GEN.R021C0DAI15 20150503
VBA32 TrojanSpy.Zbot 20150501
VIPRE Trojan.Win32.Generic!BT 20150503
Zillya Trojan.Zbot.Win32.173231 20150501
AegisLab 20150503
Alibaba 20150503
Bkav 20150425
ByteHero 20150503
CMC 20150501
Kingsoft 20150503
Qihoo-360 20150503
Rising 20150502
SUPERAntiSpyware 20150502
ViRobot 20150503
Zoner 20150430
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
(C) 2011

Publisher
Product StudentScore
Original name StudentScore.exe
Internal name StudentScore
File version 1, 0, 0, 1
Description StudentScore
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-01-15 15:11:17
Entry Point 0x000037E0
Number of sections 4
PE sections
PE imports
GetModuleFileNameW
Ord(3820)
Ord(4525)
Ord(1131)
Ord(2438)
Ord(5573)
Ord(4621)
Ord(537)
Ord(5298)
Ord(2980)
Ord(6371)
Ord(6113)
Ord(6318)
Ord(5237)
Ord(4583)
Ord(5208)
Ord(4073)
Ord(6048)
Ord(4607)
Ord(5278)
Ord(5257)
Ord(3733)
Ord(5736)
Ord(3311)
Ord(5236)
Ord(4523)
Ord(3577)
Ord(5238)
Ord(5727)
Ord(641)
Ord(3449)
Ord(4616)
Ord(3167)
Ord(6332)
Ord(2873)
Ord(2534)
Ord(3917)
Ord(536)
Ord(4717)
Ord(4852)
Ord(296)
Ord(4539)
Ord(6370)
Ord(616)
Ord(815)
Ord(366)
Ord(3257)
Ord(2717)
Ord(317)
Ord(5233)
Ord(2570)
Ord(2382)
Ord(2388)
Ord(5256)
Ord(5699)
Ord(1937)
Ord(4343)
Ord(567)
Ord(3076)
Ord(3345)
Ord(4233)
Ord(1739)
Ord(4430)
Ord(609)
Ord(3060)
Ord(3193)
Ord(5285)
Ord(4617)
Ord(3569)
Ord(6195)
Ord(4381)
Ord(338)
Ord(1903)
Ord(4414)
Ord(5097)
Ord(4451)
Ord(825)
Ord(1779)
Ord(4604)
Ord(5710)
Ord(693)
Ord(5276)
Ord(4146)
Ord(2502)
Ord(4401)
Ord(2874)
Ord(540)
Ord(6119)
Ord(2858)
Ord(4335)
Ord(4692)
Ord(1006)
Ord(2403)
Ord(4286)
Ord(1767)
Ord(2127)
Ord(975)
Ord(4480)
Ord(4229)
Ord(2294)
Ord(823)
Ord(2047)
Ord(775)
Ord(4537)
Ord(5186)
Ord(4958)
Ord(813)
Ord(2504)
Ord(3142)
Ord(5006)
Ord(4392)
Ord(1817)
Ord(800)
Ord(5157)
Ord(4298)
Ord(1254)
Ord(6051)
Ord(5261)
Ord(3074)
Ord(2613)
Ord(3592)
Ord(4609)
Ord(4884)
Ord(3309)
Ord(4269)
Ord(2387)
Ord(2977)
Ord(2116)
Ord(4418)
Ord(560)
Ord(2641)
Ord(1834)
Ord(4268)
Ord(3053)
Ord(2859)
Ord(674)
Ord(4831)
Ord(5070)
Ord(538)
Ord(4606)
Ord(6076)
Ord(2715)
Ord(4426)
Ord(3398)
Ord(6117)
Ord(4955)
Ord(5704)
Ord(858)
Ord(4992)
Ord(5297)
Ord(4608)
Ord(4461)
Ord(4459)
Ord(4817)
Ord(3743)
Ord(986)
Ord(2377)
Ord(4893)
Ord(3825)
Ord(4419)
Ord(4074)
Ord(1719)
Ord(2640)
Ord(1089)
Ord(503)
Ord(4421)
Ord(3365)
Ord(3744)
Ord(4520)
Ord(3254)
Ord(2506)
Ord(4947)
Ord(3341)
Ord(4237)
Ord(5654)
Ord(4390)
Ord(2574)
Ord(5273)
Ord(2971)
Ord(2601)
Ord(818)
Ord(635)
Ord(4347)
Ord(5248)
Ord(1658)
Ord(324)
Ord(656)
Ord(2391)
Ord(5296)
Ord(2527)
Ord(2015)
Ord(1768)
Ord(4704)
Ord(3793)
Ord(617)
Ord(3826)
Ord(5193)
Ord(4847)
Ord(5468)
Ord(1720)
Ord(4075)
Ord(4396)
Ord(652)
Ord(5004)
Ord(5094)
Ord(4420)
Ord(1986)
Ord(3871)
Ord(520)
Ord(3635)
Ord(5939)
Ord(4094)
Ord(4435)
Ord(5303)
Ord(4518)
Ord(6171)
Ord(2546)
Ord(861)
Ord(561)
Ord(3054)
Ord(1941)
Ord(6372)
Ord(3131)
Ord(4154)
Ord(5059)
Ord(3397)
Ord(6211)
Ord(4072)
Ord(4103)
Ord(4370)
Ord(2482)
Ord(4213)
Ord(2567)
Ord(5649)
Ord(5239)
Ord(2634)
Ord(3296)
Ord(1766)
Ord(3605)
Ord(5286)
Ord(4690)
Ord(860)
__CxxFrameHandler
fread
rewind
fseek
fclose
wcscmp
ftell
_wfopen
SendMessageW
GetMenu
UpdateWindow
GetActiveWindow
EnableWindow
EnableMenuItem
Number of PE resources by type
RT_STRING 13
RT_DIALOG 9
Struct(240) 2
RT_BITMAP 2
RT_ICON 1
Struct(241) 1
RT_MENU 1
RT_ACCELERATOR 1
RT_VERSION 1
PNG 1
RT_GROUP_ICON 1
Number of PE resources by language
CHINESE SIMPLIFIED 30
NEUTRAL 3
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.1

UninitializedDataSize
0

LanguageCode
French (Swiss)

FileFlagsMask
0x003f

CharacterSet
Windows, Cyrillic

InitializedDataSize
339968

FileOS
Windows NT 32-bit

EntryPoint
0x37e0

MIMEType
application/octet-stream

LegalCopyright
(C) 2011

FileVersion
1, 0, 0, 1

TimeStamp
2015:01:15 16:11:17+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
StudentScore

ProductVersion
1, 0, 0, 1

FileDescription
StudentScore

OSVersion
4.0

OriginalFilename
StudentScore.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
20480

ProductName
StudentScore

ProductVersionNumber
1.0.0.1

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 fa09b40827384c27041f9956a59a5c92
SHA1 4471f731c7ebd53343e9266a06d8899d6ea7b81d
SHA256 79c790d8295e40193a66e919159753bf824a8b4544a48a818f355deb6ce1a7d7
ssdeep
6144:iofIMyzgMyjt4SpwqHgBCrl3gI+hrSflVnfZ41/ig9Trr4bn:ilMygMYN53vpdgpa

authentihash d107803c02721204ca69052b6b09077d714e5cc61576a0dc0a1f8d49e0068a15
imphash 6d1242fe607fc16126e82e6450375b50
File size 356.5 KB ( 365056 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe

VirusTotal metadata
First submission 2015-01-16 20:28:18 UTC ( 4 years ago )
Last submission 2015-04-06 23:10:14 UTC ( 3 years, 9 months ago )
File names StudentScore
StudentScore.exe
fa09b40827384c27041f9956a59a5c92
79c790d8295e40193a66e919159753bf824a8b4544a48a818f355deb6ce1a7d7.exe
PO-37820FDT.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Code injections in the following processes
Opened mutexes
Runtime DLLs