SHA256: 7ae17affe0c3c2bf997405e96e7cc2d42363bc7e945633cdc2be9d0cd169360f
File name: 007048821
Detection ratio: 55 / 57
Analysis date: 2016-06-04 20:06:24 UTC ( 1 month, 3 weeks ago )
Antivirus Result Update
ALYac Trojan.GenericKD.1356164 20160604
AVG Generic35.OLC 20160604
AVware Trojan-Downloader.Win32.Small.aabc (v) 20160604
Ad-Aware Trojan.GenericKD.1356164 20160604
AegisLab Troj.W32.Agent.aclil!c 20160604
AhnLab-V3 Trojan/Win32.ZBot 20160604
Antiy-AVL Trojan/Win32.Agent 20160604
Arcabit Trojan.Generic.D14B184 20160604
Avast Win32:CompanyReports-A [Trj] 20160604
Avira (no cloud) TR/Drop.Wuxfpii.B 20160604
Baidu Win32.Trojan.WisdomEyes.151026.9950.9983 20160603
Baidu-International Trojan.Win32.Agent.40 20160604
BitDefender Trojan.GenericKD.1356164 20160604
Bkav W32.AppdataDoybsu.Trojan 20160604
CAT-QuickHeal TrojanDownloader.Upatre.A4 20160604
ClamAV Win.Trojan.Upatre-3345 20160604
Comodo TrojWare.Win32.TrojanDownloader.Small.AAN 20160604
Cyren W32/Trojan.GYZP-7711 20160604
DrWeb Trojan.DownLoad3.29829 20160604
ESET-NOD32 Win32/TrojanDownloader.Small.AAN 20160604
Emsisoft Trojan.GenericKD.1356164 (B) 20160604
F-Prot W32/Trojan3.GHD 20160604
F-Secure Trojan.GenericKD.1356164 20160604
Fortinet W32/Zbot.BBAD!tr 20160604
GData Trojan.GenericKD.1356164 20160604
Ikarus Trojan-Spy.Zbot 20160604
Jiangmin Trojan/Generic.bajzo 20160604
K7AntiVirus Riskware ( 0040eff71 ) 20160604
K7GW Riskware ( 0040eff71 ) 20160604
Kaspersky Trojan.Win32.Agent.aclil 20160604
Kingsoft Win32.Troj.Undef.(kcloud) 20160604
Malwarebytes Spyware.Zbot.FXL 20160604
McAfee PWS-Zbot.gen.ad 20160604
McAfee-GW-Edition BehavesLike.Win32.ZBot.lh 20160604
eScan Trojan.GenericKD.1356164 20160604
Microsoft TrojanDownloader:Win32/Upatre.A 20160604
NANO-Antivirus Trojan.Win32.DownLoad3.clonvt 20160604
Panda Trj/Agent.IVN 20160604
Qihoo-360 HEUR/Malware.QVM20.Gen 20160604
Rising Malware.Generic!lCCeEUIl0tP@5 (Thunder) 20160604
SUPERAntiSpyware Trojan.Agent/Gen-Zbot 20160604
Sophos Mal/Agent-AMT 20160604
Symantec Downloader 20160604
Tencent Win32.Trojan.Agent.Ssgu 20160604
TheHacker Trojan/Downloader.Small.aan 20160604
TotalDefense Win32/Tnega.ATGH 20160604
TrendMicro TROJ_UPATRE.JAM 20160604
TrendMicro-HouseCall TROJ_UPATRE.JAM 20160604
VBA32 TrojanDropper.Agent 20160603
VIPRE Trojan-Downloader.Win32.Small.aabc (v) 20160604
ViRobot Trojan.Win32.Z.Agent.15360.AR[h] 20160604
Yandex Trojan.Agent!Ul6i+Znc5Rk 20160604
Zillya Trojan.Agent.Win32.430236 20160603
Zoner Trojan.Small.AAN 20160604
nProtect Trojan.GenericKD.1356164 20160603
Alibaba 20160603
CMC 20160602
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-10-21 21:13:34
Entry Point 0x00001000
Number of sections 4
PE sections
PE imports
TextOutA
GetStockObject
GetLastError
GetModuleHandleA
ExitProcess
GetMessageA
CreateWindowExA
LoadCursorA
DispatchMessageA
EndPaint
BeginPaint
EnumWindows
MessageBoxA
TranslateMessage
DefWindowProcA
RegisterClassExA
Number of PE resources by type
RT_ICON 1
RT_MANIFEST 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 3
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2013:10:21 22:13:34+01:00
FileType Win32 EXE
PEType PE32
CodeSize 8192
LinkerVersion 9.0
EntryPoint 0x1000
InitializedDataSize 6144
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0

File identification
MD5 5138b3b410a1da4cbc3fcc2d9c223584
SHA1 1e20a3c5789124f4b491cd03a4d62ba2e214c140
SHA256 7ae17affe0c3c2bf997405e96e7cc2d42363bc7e945633cdc2be9d0cd169360f
ssdeep 192:GgX/KDUukTZb8VScvxF2nvSD1SG8zjr7O+1vTSd+N5nResQ7XRznS358MCl1i16v:Jk4TZCsnI4X7ONk53ASJ8Me26I+X
authentihash 277576f7de89ab1b9e49c58c1ff681ab9ee8c5d5deda6877d8d408f9fd4f724a
imphash 692f6e2a0c8a2d556704b0e8e04c1a17
File size 15.0 KB ( 15360 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.3%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags peexe
VirusTotal metadata
First submission 2013-10-22 00:34:06 UTC ( 2 years, 9 months ago )
Last submission 2015-06-12 11:30:05 UTC ( 1 year, 1 month ago )
File names Company_Report_10222013.txt
7ae17affe0c3c2bf997405e96e7cc2d42363bc7e945633cdc2be9d0cd169360f.exe
Company_Report_0_00.exe
Company_Report_10222013.ex_.bin
7ae17affe0c3c2bf997405e96e7cc2d42363bc7e945633cdc2be9d0cd169360f
5138b3b410a1da4cbc3fcc2d9c223584.exe
Company_Report_10222013.ex1
c-37d1d-409-1382411104
5138b3b410a1da4cbc3fcc2d9c223584
Report_10222013.exe
X.W32.Sasfis.pak.exe
company_report.exe
Company_Report_10222013.exe
vti-rescan
007048821
Company_Report_10222013.xe
CompanyReport10222013.exe
file-6107971_exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight