× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7a81251bbefde321c0cb4755a29da79ecebb37721d3b38a01ed5e505f95cf011
File name: gIGSBXS.exe
Detection ratio: 11 / 57
Analysis date: 2017-02-06 11:45:07 UTC ( 2 years, 2 months ago ) View latest
Antivirus Result Update
AegisLab Ml.Attribute.Gen!c 20170206
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20170125
Bkav HW32.Packed.A359 20170204
Comodo Heur.Packed.Unknown 20170206
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20170130
Fortinet W32/Kryptik.FNRI!tr 20170206
Sophos ML generic.a 20170203
K7GW Hacktool ( 655367771 ) 20170206
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.cc 20170206
Qihoo-360 HEUR/QVM20.1.0000.Malware.Gen 20170206
Symantec ML.Attribute.HighConfidence 20170205
Ad-Aware 20170206
AhnLab-V3 20170205
Alibaba 20170122
ALYac 20170206
Antiy-AVL 20170206
Arcabit 20170206
Avast 20170206
AVG 20170206
Avira (no cloud) 20170206
AVware 20170206
BitDefender 20170206
CAT-QuickHeal 20170206
ClamAV 20170206
CMC 20170206
Cyren 20170206
DrWeb 20170206
Emsisoft 20170206
ESET-NOD32 20170206
F-Prot 20170206
F-Secure 20170206
GData 20170206
Ikarus 20170206
Jiangmin 20170206
K7AntiVirus 20170206
Kaspersky 20170206
Kingsoft 20170206
Malwarebytes 20170206
McAfee 20170206
Microsoft 20170206
eScan 20170206
NANO-Antivirus 20170205
nProtect 20170206
Panda 20170205
Rising 20170206
Sophos AV 20170206
SUPERAntiSpyware 20170206
Tencent 20170206
TheHacker 20170205
TotalDefense 20170206
TrendMicro 20170206
TrendMicro-HouseCall 20170206
Trustlook 20170206
VBA32 20170206
VIPRE 20170206
ViRobot 20170206
WhiteArmor 20170202
Yandex 20170205
Zillya 20170206
Zoner 20170206
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
© Ghbsg Corporation. All rights reserved.

Product Microsoft® Windows® Operating System
Original name COMUID.DLL
Internal name COMUID.DLL
File version 2001.12.10530.17415 (winblue_r4.141028-1500)
Description COM+ Explorer UI
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-02-06 01:00:00
Entry Point 0x0000CD00
Number of sections 10
PE sections
PE imports
OpenCluster
UnlockFile
AreFileApisANSI
GetProfileStringW
DecodeSystemPointer
GetProcessIoCounters
DosDateTimeToFileTime
TlsGetValue
ResetWriteWatch
RemoveDirectoryW
GlobalCompact
ScrollConsoleScreenBufferW
GetCommandLineW
FindResourceExW
ReplaceFileA
FreeConsole
GetFileInformationByHandle
GetCommandLineA
GetCurrentThreadId
FindFirstVolumeW
SHGetFileInfoA
FindWindowW
strtol
_snwprintf_l
ispunct
PdhCollectQueryDataEx
PdhParseCounterPathW
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2001.12.10530.17415

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
111104

EntryPoint
0xcd00

OriginalFileName
COMUID.DLL

MIMEType
application/octet-stream

LegalCopyright
Ghbsg Corporation. All rights reserved.

FileVersion
2001.12.10530.17415 (winblue_r4.141028-1500)

TimeStamp
2017:02:06 02:00:00+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
COMUID.DLL

ProductVersion
6.3.9601.17415

FileDescription
COM+ Explorer UI

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Ghbsg Corporation

CodeSize
49152

ProductName
Microsoft Windows Operating System

ProductVersionNumber
6.3.9600.17415

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 f91acc5d026180c29ab7cbb17519562d
SHA1 b045a599d35041274ea6f3d18165f9d966896512
SHA256 7a81251bbefde321c0cb4755a29da79ecebb37721d3b38a01ed5e505f95cf011
ssdeep
3072:9jVlTnOUoHjbjp32qjPvi3xqh3aKHI0aDwV8AAfltWJP59iMgDeReEUJO9:dzOdvt2H3x+3aKHrrW8JqDeoVU

authentihash 0855c45a3c3e2e0e9b6e9f278224cfd8ab9160ee925f071a4cdff85b0f849190
imphash 181e41adee118d1b7c20499a780b5165
File size 142.3 KB ( 145692 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.6%)
Clipper DOS Executable (19.1%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
VXD Driver (0.2%)
Tags
peexe

VirusTotal metadata
First submission 2017-02-06 11:11:26 UTC ( 2 years, 2 months ago )
Last submission 2018-01-22 12:30:22 UTC ( 1 year, 3 months ago )
File names gIGSBXS.exe
d4352c5a1d39bbb38c52a44eb9576332.12a3d151537955b4d97052c1f9b2e89eb29dd0d4.file_f91acc5d026180c29ab7cbb17519562d
COMUID.DLL
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!