SHA256: 7bc233d3c4a1d9e1d6d7878a522c9db1f1613a3188ea6a148015d19d90315391
File name: test.txt
Detection ratio: 47 / 56
Analysis date: 2016-03-10 03:04:38 UTC ( 2 years, 2 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.TDss.1 20160310
AegisLab Troj.Downloader.W32.FraudLoad.xasw!c 20160309
Yandex Trojan.DL.FraudLoad!DmpQsDgvyic 20160308
AhnLab-V3 Win-Trojan/Alureon.22016.B 20160309
ALYac Gen:Variant.TDss.1 20160310
Arcabit Trojan.TDss.1 20160310
Avast Win32:Jifas-FJ [Trj] 20160310
AVG Cryptic.GD 20160310
Avira (no cloud) TR/Crypt.XPACK.Gen 20160310
AVware Trojan.Win32.Tdss.Dgen (v) 20160310
Baidu Win32.Trojan.WisdomEyes.151026.9950.9999 20160225
BitDefender Gen:Variant.TDss.1 20160310
Bkav HW32.Packed.7E7F 20160309
CAT-QuickHeal FraudTool.FakeCog 20160310
Comodo TrojWare.Win32.Packed.2936 20160310
Cyren W32/Alureon.U.gen!Eldorado 20160310
DrWeb Trojan.Packed.2936 20160310
Emsisoft Gen:Variant.TDss.1 (B) 20160310
ESET-NOD32 a variant of Win32/Kryptik.DXK 20160310
F-Prot W32/Alureon.U.gen!Eldorado 20160310
F-Secure Gen:Variant.TDss.1 20160310
Fortinet W32/PackTDss.K!tr 20160309
GData Gen:Variant.TDss.1 20160310
Ikarus Packed.Win32.Tdss 20160310
Jiangmin TrojanDownloader.FraudLoad.mpv 20160310
K7AntiVirus Trojan ( 0017c0b91 ) 20160309
K7GW Trojan ( 0017c0b91 ) 20160310
Kaspersky Packed.Win32.TDSS.n 20160309
Malwarebytes Trojan.MalPack.Generic 20160309
McAfee DNSChanger.bf 20160310
McAfee-GW-Edition BehavesLike.Win32.Downloader.mh 20160309
Microsoft Trojan:Win32/Alureon.DA 20160310
eScan Gen:Variant.TDss.1 20160310
NANO-Antivirus Trojan.Win32.TDSS.tlxig 20160310
Panda Adware/DigitalProtection 20160309
Qihoo-360 TR/Dldr.FraudLoad.xasw 20160310
Rising PE:Malware.Generic(Thunder)!1.A1C4 [F] 20160310
Sophos AV Mal/TDSSPack-Q 20160309
Symantec Backdoor.Tidserv 20160309
TheHacker Trojan/Kryptik.gen 20160309
TotalDefense Win32/Alureon.BAB 20160308
TrendMicro TROJ_FAKEAV.SMEY 20160310
TrendMicro-HouseCall TROJ_FAKEAV.SMEY 20160310
VBA32 Trojan.TDSS.01414 20160309
VIPRE Trojan.Win32.Tdss.Dgen (v) 20160310
ViRobot Trojan.Win32.Alureon.22016[h] 20160310
Zillya Downloader.FraudLoad.Win32.15767 20160309
Alibaba 20160309
Antiy-AVL 20160310
Baidu-International 20160309
ByteHero 20160310
ClamAV 20160310
CMC 20160307
nProtect 20160309
SUPERAntiSpyware 20160310
Zoner 20160309
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-04-21 18:25:38
Entry Point 0x0000100A
Number of sections 6
PE sections
PE imports
GetLastError
GetWindowsDirectoryA
SetErrorMode
ExitProcess
VirtualProtect
SetCurrentDirectoryA
SetForegroundWindow
GetClassNameA
Number of PE resources by type
RT_RCDATA 1
RT_MESSAGETABLE 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2010:04:21 19:25:38+01:00
FileType Win32 EXE
PEType PE32
CodeSize 7168
LinkerVersion 2.0
FileTypeExtension exe
InitializedDataSize 46080
SubsystemVersion 4.0
EntryPoint 0x100a
OSVersion 4.0
ImageVersion 0.0
UninitializedDataSize 0

File identification
MD5 f81fd55b2228c77e9cacf13a13c52011
SHA1 4741e9c6e6c62b649c931d62ef0d2b53b801a530
SHA256 7bc233d3c4a1d9e1d6d7878a522c9db1f1613a3188ea6a148015d19d90315391
ssdeep 384:QZvC9dHA6kZAjf8Zlyr+1fDutD7/Dsf+G:mvgdg6iuf3r+EtD/8
authentihash 869366cba22681acd523024a834939e0151951e8f223ffafbffe44b2303f21f2
imphash d2e66e18dea33f50fa6343b049d886a4
File size 21.5 KB ( 22016 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win64 Executable (generic) (61.7%)
Win32 Dynamic Link Library (generic) (14.7%)
Win32 Executable (generic) (10.0%)
Clipper DOS Executable (4.5%)
Generic Win/DOS Executable (4.4%)
Tags corrupt peexe

VirusTotal metadata
First submission 2010-04-22 06:59:56 UTC ( 8 years, 1 month ago )
Last submission 2013-03-31 15:18:39 UTC ( 5 years, 1 month ago )
File names f81fd55b2228c77e9cacf13a13c52011
ejFqSY.com
qJhL.vbs
aa
test.txt
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight