× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7c167b37d9db807cdd4e7a3928677e67d17a98942643131c91fe8877774ecb15
File name: MinecraftSPSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrv...
Detection ratio: 49 / 55
Analysis date: 2015-11-30 23:46:09 UTC ( 3 years, 2 months ago )
Antivirus Result Update
Ad-Aware Win32.Ramnit 20151130
Yandex Win32.Ramnit.Gen.3 20151130
AhnLab-V3 Win32/Ramnit.B 20151130
ALYac Win32.Ramnit 20151130
Antiy-AVL Virus/Win32.Nimnul.a 20151130
Arcabit Win32.Ramnit 20151130
Avast Win32:RmnDrp 20151130
AVG PSW.Generic12.AMWG 20151130
Avira (no cloud) W32/Ramnit.A 20151130
AVware Virus.Win32.Ramnit.a (v) 20151130
Baidu-International Virus.Win32.Nimnul.$a 20151130
BitDefender Win32.Ramnit 20151130
Bkav W32.HfsAutoB.20A5 20151130
CAT-QuickHeal W32.Ramnit.A 20151130
ClamAV W32.Ramnit-1 20151130
Comodo Packed.Win32.MUPX.Gen 20151130
Cyren W32/Ramnit.B 20151130
DrWeb Trojan.Packed.20343 20151130
Emsisoft Win32.Ramnit (B) 20151130
ESET-NOD32 Win32/Ramnit.A 20151201
F-Prot W32/Ramnit.B 20151130
F-Secure Win32.Ramnit 20151130
Fortinet W32/Ramnit.C 20151130
GData Win32.Ramnit 20151130
Ikarus Packer.Win32.Krap 20151130
Jiangmin Win32/PatchFile.et 20151130
K7AntiVirus Virus ( 002fe95d1 ) 20151130
K7GW Virus ( 002fe95d1 ) 20151130
Kaspersky Virus.Win32.Nimnul.a 20151130
Malwarebytes Trojan.Zbot 20151130
McAfee PWS-Zbot.gen.pq 20151130
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.cc 20151130
Microsoft Virus:Win32/Ramnit.A 20151130
eScan Win32.Ramnit 20151130
NANO-Antivirus Virus.Win32.Nimnul.bpchjo 20151130
nProtect Trojan/W32.Krap.114176.FE 20151130
Panda W32/Cosmu.gen 20151130
Qihoo-360 Virus.Win32.Ramnit.B 20151201
Rising PE:Virus.Ramnit!1.9AA5 [F] 20151129
Sophos AV W32/Patched-I 20151201
Symantec W32.Ramnit!inf 20151130
TotalDefense Win32/Ramnit.A 20151130
TrendMicro PE_RAMNIT.H 20151201
TrendMicro-HouseCall PE_RAMNIT.H 20151201
VBA32 Virus.Win32.Nimnul.a 20151130
VIPRE Virus.Win32.Ramnit.a (v) 20151201
ViRobot Win32.Ramnit.E[h] 20151130
Zillya Virus.Nimnul.Win32.1 20151201
Zoner Trojan.Zbot 20151130
AegisLab 20151130
Alibaba 20151130
ByteHero 20151201
CMC 20151130
Tencent 20151201
TheHacker 20151127
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
2528-6142

Product ??????
Original name nedwp.exe
Internal name ?????????
File version 106.42.73.61
Description BitDefender Management Console
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2008-02-12 11:02:20
Entry Point 0x0002E000
Number of sections 4
PE sections
PE imports
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
DragFinish
WinHelpW
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
RUSSIAN 2
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
7.4

ImageVersion
8.1

FileVersionNumber
106.42.73.61

UninitializedDataSize
122880

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
4096

EntryPoint
0x2e000

OriginalFileName
nedwp.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
106.42.73.61

TimeStamp
2008:02:12 12:02:20+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
106.42.73.61

FileDescription
BitDefender Management Console

OSVersion
10.0

FileOS
Windows NT 32-bit

LegalCopyright
2528-6142

MachineType
Intel 386 or later, and compatibles

CompanyName
SOFTWIN S.R.L.

CodeSize
57344

FileSubtype
0

ProductVersionNumber
106.42.73.61

FileTypeExtension
exe

ObjectFileType
Executable application

Execution parents
Compressed bundles
File identification
MD5 b2b5845bbdc136cf4d0cb55938e9ca5f
SHA1 d0ac7323922b5c3360256f23a9a4d468d58b5c78
SHA256 7c167b37d9db807cdd4e7a3928677e67d17a98942643131c91fe8877774ecb15
ssdeep
3072:TROzoTq0+RO7IwnYhZzozcyeptpWy55G5x:1kdNwBEMwYyrG5

authentihash 6ebbb8027a68a2bc4eb97c37834cbb3cfc61dc5c624002ff60010e5e285d0d43
imphash 500cd02578808f964519eb2c85153046
File size 111.5 KB ( 114176 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (34.1%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
Clipper DOS Executable (10.4%)
Generic Win/DOS Executable (10.4%)
Tags
peexe

VirusTotal metadata
First submission 2015-11-30 23:46:09 UTC ( 3 years, 2 months ago )
Last submission 2015-11-30 23:46:09 UTC ( 3 years, 2 months ago )
File names nedwp.exe
?????????
MinecraftSPSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrvSrv.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Copied files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Runtime DLLs
DNS requests