SHA256: 7bc246de45172d00e162997b4d009c4803bc120928d50035d950f57c1f85256f
File name: horridcakemanager.exe
Detection ratio: 5 / 42
Analysis date: 2012-09-05 15:53:26 UTC (5 years, 9 months ago)
Antivirus Result Update
DrWeb Trojan.PWS.Stealer.1038 20120905
ESET-NOD32 a variant of Win32/Kryptik.ALLA 20120905
Fortinet W32/Androm.DW!tr 20120830
McAfee Generic BackDoor.abd 20120905
Norman W32/Kryptik.BTJ 20120905
AhnLab-V3 20120905
AntiVir 20120905
Antiy-AVL 20120905
Avast 20120905
AVG 20120905
BitDefender 20120905
ByteHero 20120830
CAT-QuickHeal 20120905
ClamAV 20120905
Commtouch 20120905
Comodo 20120905
Emsisoft 20120905
eSafe 20120904
F-Prot 20120905
F-Secure 20120905
GData 20120905
Ikarus 20120905
Jiangmin 20120905
K7AntiVirus 20120904
Kaspersky 20120905
McAfee-GW-Edition 20120905
Microsoft 20120905
nProtect 20120905
Panda 20120905
PCTools 20120905
Rising 20120905
Sophos AV 20120905
SUPERAntiSpyware 20120905
Symantec 20120905
TheHacker 20120903
TotalDefense 20120905
TrendMicro 20120905
TrendMicro-HouseCall 20120905
VBA32 20120905
VIPRE 20120905
ViRobot 20120905
VirusBuster 20120905
The file being studied is a Portable Executable file! More specifically, it is a DOS EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (c) Linkworld

Publisher Linkworld
Product Horrid Cake Manager
Original name horridcakemanager.exe
Internal name Horrid Cake Manager
File version 7.1.0
Description Horrid Cake Manager
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-09-05 08:38:30
Entry Point 0x0000EF20
Number of sections 5
PE sections
PE imports
SetFileAttributesA
LocalFree
GetStartupInfoA
HeapFree
CopyFileW
LoadLibraryA
GlobalMemoryStatus
GetCurrentProcessId
HeapCreate
GetCurrentThreadId
CreateProcessW
QueryPerformanceCounter
HeapDestroy
DeleteAtom
LocalAlloc
GetTickCount
GetProcAddress
InitializeSListHead
AddAtomW
LoadLibraryExW
EnumDesktopsA
SetPropA
GetActiveWindow
EndDialog
OemKeyScan
ValidateRect
IsCharAlphaNumericW
DialogBoxParamA
SetWindowPos
CoFreeLibrary
CoAllowSetForegroundWindow
OleFlushClipboard
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 3
ExifTool file metadata
SubsystemVersion 5.1
LinkerVersion 10.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 7.1.0.10335
UninitializedDataSize 0
LanguageCode English (British)
FileFlagsMask 0x0000
CharacterSet Unicode
InitializedDataSize 60928
FileOS Win32
MIMEType application/octet-stream
LegalCopyright Copyright Linkworld
FileVersion 7.1.0
TimeStamp 2012:09:05 01:38:30-07:00
FileType Win32 EXE
PEType PE32
InternalName Horrid Cake Manager
ProductVersion 7.1.0
FileDescription Horrid Cake Manager
OSVersion 5.1
OriginalFilename horridcakemanager.exe
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Linkworld
CodeSize 96768
ProductName Horrid Cake Manager
ProductVersionNumber 7.1.0.0
EntryPoint 0xef20
ObjectFileType Executable application

File identification
MD5 30efb4286ae4a761eb072136cd90e618
SHA1 d7a685ca5fff01f6c0c2bda0246a797c02f50d84
SHA256 7bc246de45172d00e162997b4d009c4803bc120928d50035d950f57c1f85256f
ssdeep 3072:9TN9wQn0aXF30by4Xqrg2hOSe/vJOrxYuNDJZHigUet8qrPNHRuq:xN9R0GEdXqMGi/RaYYbayrPpR

File size 113.5 KB ( 116224 bytes )
File type DOS EXE
Magic literal MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit

TrID Windows Screen Saver (39.4%)
Win32 Executable Generic (25.6%)
Win32 Dynamic Link Library (generic) (22.8%)
Generic Win/DOS Executable (6.0%)
DOS Executable Generic (6.0%)
Tags peexe mz

VirusTotal metadata
First submission 2012-09-05 09:30:06 UTC ( 5 years, 9 months ago )
Last submission 2012-09-08 14:32:03 UTC ( 5 years, 9 months ago )
File names file-4460671_exe
horridcakemanager.exe
8mZsF_xy.rtf
aa
cc15707478f2aabebcb4448f828049f20daff168
ggu4AUGw.txt
malware.exe
Horrid Cake Manager
116224_30efb4286ae4a761eb072136cd90e618.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight