SHA256: 7b1a3fd52860e57ad5fc059f496db5cedc4f509caf0a6b03ba86076be2b1b2ce
File name: 83ba944c9c8fce91daa68d1b2cc3cba6
Detection ratio: 14 / 55
Analysis date: 2016-07-26 21:33:53 UTC ( 2 years, 9 months ago )
Antivirus             Result                          Update
Ad-Aware              Trojan.GenericKD.3428724        20160726
Arcabit               Trojan.Generic.D345174          20160726
Avast                 Win32:Dropper-gen [Drp]         20160726
AVG                   Downloader.VB.AJCT              20160726
BitDefender           Trojan.GenericKD.3428724        20160726
Emsisoft              Trojan.GenericKD.3428724 (B)    20160726
ESET-NOD32            Win32/TrojanDownloader.VB.QZA   20160726
F-Secure              Trojan.GenericKD.3428724        20160726
Fortinet              W32/VB.QZA!tr.dldr              20160726
GData                 Trojan.GenericKD.3428724        20160726
McAfee                Artemis!83BA944C9C8F            20160726
McAfee-GW-Edition     BehavesLike.Win32.BadFile.dh    20160726
eScan                 Trojan.GenericKD.3428724        20160726
Qihoo-360             QVM09.0.Malware.Gen             20160726
AegisLab              -                               20160726
AhnLab-V3             -                               20160726
Alibaba               -                               20160726
ALYac                 -                               20160726
Antiy-AVL             -                               20160726
Avira (no cloud)      -                               20160726
AVware                -                               20160726
Baidu                 -                               20160726
Bkav                  -                               20160726
CAT-QuickHeal         -                               20160726
ClamAV                -                               20160726
CMC                   -                               20160725
Comodo                -                               20160726
Cyren                 -                               20160726
DrWeb                 -                               20160726
F-Prot                -                               20160726
Ikarus                -                               20160726
Jiangmin              -                               20160726
K7AntiVirus           -                               20160726
K7GW                  -                               20160726
Kaspersky             -                               20160726
Kingsoft              -                               20160726
Malwarebytes          -                               20160726
Microsoft             -                               20160726
NANO-Antivirus        -                               20160726
nProtect              -                               20160726
Panda                 -                               20160726
Sophos AV             -                               20160726
SUPERAntiSpyware      -                               20160726
Symantec              -                               20160726
Tencent               -                               20160726
TheHacker             -                               20160726
TotalDefense          -                               20160726
TrendMicro            -                               20160726
TrendMicro-HouseCall  -                               20160726
VBA32                 -                               20160726
VIPRE                 -                               20160726
ViRobot               -                               20160726
Yandex                -                               20160724
Zillya                -                               20160724
Zoner                 -                               20160726
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (c) 2003-2016 Networking Technologies,LTD
Product Networking Technologies,LTD
File version 1, 0, 0, 1
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-07-25 11:35:02
Entry Point 0x0001B6EA
Number of sections 4
PE sections
PE imports
RegDeleteKeyA
RegOpenKeyA
RegCloseKey
RegQueryValueA
RegQueryValueExA
RegSetValueExA
GetFileSecurityA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyA
SetFileSecurityA
SetMapMode
CreatePen
SaveDC
TextOutA
CreateFontIndirectA
LineTo
GetClipBox
GetPixel
GetDeviceCaps
OffsetViewportOrgEx
DeleteDC
RestoreDC
SetBkMode
BitBlt
SetTextColor
CreatePatternBrush
GetObjectA
CreateFontA
CreateBitmap
RectVisible
GetStockObject
SetViewportOrgEx
ScaleWindowExtEx
ExtTextOutA
PtVisible
CreateCompatibleDC
ScaleViewportExtEx
SelectObject
GetTextExtentPoint32A
Ellipse
SetWindowExtEx
CreateSolidBrush
SetViewportExtEx
Escape
SetBkColor
DeleteObject
CreateCompatibleBitmap
MoveToEx
GetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
GetFileAttributesA
HeapDestroy
lstrcmpW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetFileTime
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
EnumResourceLanguagesA
HeapReAlloc
GetStringTypeW
GetFullPathNameA
FreeLibrary
LocalFree
MoveFileA
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
TlsGetValue
FormatMessageA
SetLastError
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
GetVersionExA
GetModuleFileNameA
GetVolumeInformationA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetModuleHandleA
GlobalAddAtomA
SetUnhandledExceptionFilter
ConvertDefaultLocale
MulDiv
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
GlobalAlloc
LocalFileTimeToFileTime
VirtualQueryEx
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
HeapFree
EnterCriticalSection
SetHandleCount
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
UnlockFile
GetFileSize
GlobalDeleteAtom
DeleteFileA
GlobalLock
VirtualProtectEx
GetProcessHeap
CompareStringW
GlobalReAlloc
lstrcmpA
FindFirstFileA
GetDiskFreeSpaceA
CompareStringA
GetTempFileNameA
DuplicateHandle
GetProcAddress
GetTimeZoneInformation
GlobalFindAtomA
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
LocalReAlloc
SystemTimeToFileTime
LCMapStringW
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GlobalGetAtomNameA
GetThreadLocale
GetEnvironmentStringsW
GlobalUnlock
LockFile
FileTimeToLocalFileTime
GetEnvironmentStrings
WritePrivateProfileStringA
GetCurrentProcessId
LockResource
SetFileTime
WideCharToMultiByte
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
GetACP
GetVersion
FreeResource
SizeofResource
HeapCreate
VirtualFree
Sleep
FindResourceA
VirtualAlloc
VariantChangeType
VariantInit
VariantClear
DragFinish
DragQueryFileA
PathFindFileNameA
PathFindExtensionA
PathIsUNCA
PathStripToRootA
MapWindowPoints
GetMessagePos
SetMenuItemBitmaps
DestroyMenu
PostQuitMessage
GetForegroundWindow
LoadBitmapA
SetWindowPos
IsWindow
DispatchMessageA
EndPaint
GrayStringA
GetMessageTime
SetActiveWindow
GetMenuItemID
GetCursorPos
DrawTextA
GetDlgCtrlID
GetClassInfoA
GetMenu
UnregisterClassA
SendMessageA
GetClientRect
GetNextDlgTabItem
CallNextHookEx
LoadAcceleratorsA
ClientToScreen
GetTopWindow
GetMenuItemInfoA
GetWindowTextA
DestroyWindow
GetMessageA
GetParent
UpdateWindow
SetPropA
EqualRect
GetClassInfoExA
ShowWindow
GetPropA
GetMenuState
EnableWindow
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
CharUpperA
InsertMenuItemA
GetWindowPlacement
IsIconic
RegisterClassA
TabbedTextOutA
GetSubMenu
SetTimer
GetActiveWindow
ShowOwnedPopups
FillRect
CopyRect
DeferWindowPos
PtInRect
IsChild
IsDialogMessageA
SetFocus
BeginPaint
OffsetRect
RegisterWindowMessageA
DefWindowProcA
SendDlgItemMessageA
GetSystemMetrics
EnableMenuItem
GetWindowRect
InflateRect
PostMessageA
ReleaseCapture
SetWindowLongA
RemovePropA
CreatePopupMenu
CheckMenuItem
GetWindowLongA
GetLastActivePopup
CreateWindowExA
GetDlgItem
GetMenuCheckMarkDimensions
BringWindowToTop
ScreenToClient
GetClassLongA
CreateDialogIndirectParamA
LoadCursorA
LoadIconA
TrackPopupMenu
SetWindowsHookExA
GetMenuItemCount
GetDesktopWindow
ReuseDDElParam
GetDC
SetForegroundWindow
ReleaseDC
IntersectRect
EndDialog
LoadMenuA
GetCapture
SetWindowTextA
DrawTextExA
GetWindowThreadProcessId
GetSysColorBrush
BeginDeferWindowPos
SetMenu
SetRectEmpty
MessageBoxA
GetWindowDC
AdjustWindowRectEx
GetSysColor
GetKeyState
EndDeferWindowPos
SystemParametersInfoA
IsWindowVisible
UnpackDDElParam
WinHelpA
InvalidateRect
wsprintfA
TranslateAcceleratorA
ValidateRect
CallWindowProcA
GetClassNameA
GetFocus
ModifyMenuA
UnhookWindowsHookEx
SetCursor
OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetFileTitleA
Number of PE resources by type
OMG 2
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
CHINESE SIMPLIFIED 1
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.0.0.1
LanguageCode Chinese (Simplified)
FileFlagsMask 0x0017
CharacterSet Unicode
InitializedDataSize 73728
EntryPoint 0x1b6ea
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 1, 0, 0, 1
TimeStamp 2016:07:25 12:35:02+01:00
FileType Win32 EXE
PEType PE32
ProductVersion 1, 0, 0, 1
SubsystemVersion 4.0
OSVersion 4.0
FileOS Win32
LegalCopyright Copyright (c) 2003-2016 Networking Technologies,LTD
MachineType Intel 386 or later, and compatibles
CodeSize 192512
ProductName Networking Technologies,LTD
ProductVersionNumber 1.0.0.1
FileTypeExtension exe
ObjectFileType Unknown

File identification
MD5 83ba944c9c8fce91daa68d1b2cc3cba6
SHA1 d1f5427eeb68585fc8ded0441db2386957efb2f4
SHA256 7b1a3fd52860e57ad5fc059f496db5cedc4f509caf0a6b03ba86076be2b1b2ce
ssdeep 3072:81o1iauszwWNfqVOgTNthbsA+lDU5nSimDSBJyEkD7M1oNFndWQg5RrXD+HtD2il:Io1lUkfqVOu3hqv/fPD7M1ojd+a46v
authentihash 5b264776727281e8db9cd7a58c617bf563645340660dff93df95fdf6de43b06c
imphash bc714d1457e2d2fda28876a803fa6b83
File size 264.0 KB ( 270336 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe

VirusTotal metadata
First submission 2016-07-26 21:33:53 UTC ( 2 years, 9 months ago )
Last submission 2016-08-18 07:09:59 UTC ( 2 years, 8 months ago )
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Created processes
Opened mutexes
Hooking activity
Runtime DLLs
Additional details
The file installs an application-defined hook procedure into a hook chain. A hook procedure is installed to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done using the SetWindowsHook Windows API function.
UDP communications