× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7cb3d5b1ccd83ca32040123fea6e654f3b9e8703dc3d6f21710d476d38cd8396
File name: projetoa
Detection ratio: 49 / 57
Analysis date: 2016-09-26 13:09:14 UTC ( 2 years, 4 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Kazy.15861 20160926
AegisLab Troj.Downloader.W32.VB.ahgy!c 20160926
AhnLab-V3 Downloader/Win32.VB.N321309019 20160926
ALYac Gen:Variant.Kazy.15861 20160926
Antiy-AVL Trojan[Downloader]/Win32.VB 20160926
Arcabit Trojan.Kazy.D3DF5 20160926
Avast Win32:VB-VJQ [Drp] 20160926
AVG Downloader.Generic11.POE 20160926
Avira (no cloud) TR/Vbot.F.2 20160926
AVware Trojan.Win32.Generic.pak!cobra 20160926
BitDefender Gen:Variant.Kazy.15861 20160926
Bkav W32.SbthostKindLnr.Trojan 20160926
CAT-QuickHeal TrojanDownloader.VB.r3 20160926
CMC Generic.Win32.a48a68b7fe!CMCRadar 20160921
Comodo TrojWare.Win32.Scar.FEDK 20160926
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20160725
Cyren W32/Downloader.CU.gen!Eldorado 20160926
DrWeb Trojan.DownLoader2.28463 20160926
Emsisoft Gen:Variant.Kazy.15861 (B) 20160926
ESET-NOD32 Win32/ProxyChanger.J 20160926
F-Prot W32/Downloader.CU.gen!Eldorado 20160926
F-Secure Gen:Variant.Kazy.15861 20160926
Fortinet W32/VB.AHGY!tr.dldr 20160926
GData Gen:Variant.Kazy.15861 20160926
Ikarus Virus.Win32.Trojan 20160926
Sophos ML virtool.win32.vbinject.gx 20160917
Kaspersky Trojan-Downloader.Win32.VB.ahgy 20160926
Malwarebytes Trojan.Banker 20160926
McAfee Generic.dx!A48A68B7FEC6 20160923
McAfee-GW-Edition BehavesLike.Win32.Trojan.nz 20160926
Microsoft Trojan:Win32/Vbot.F 20160926
eScan Gen:Variant.Kazy.15861 20160926
NANO-Antivirus Trojan.Win32.VB.cnhkb 20160926
Panda Trj/Genetic.gen 20160925
Qihoo-360 Malware.Radar01.Gen 20160926
Rising Trojan.Generic-4RQ6d2Y0BiS (cloud) 20160926
Sophos AV Mal/VB-WF 20160926
SUPERAntiSpyware Trojan.Agent/Gen-Banload 20160926
Symantec Downloader 20160926
Tencent Win32.Trojan-downloader.Vb.Lmas 20160926
TheHacker Trojan/Downloader.VB.ahgy 20160926
TrendMicro TROJ_VBAGENT.VI 20160926
TrendMicro-HouseCall TROJ_VBAGENT.VI 20160926
VBA32 TrojanDownloader.VB 20160923
VIPRE Trojan.Win32.Generic.pak!cobra 20160926
ViRobot Trojan.Win32.Downloader.32768.PE[h] 20160926
Yandex Trojan.DL.VB!0RwDyFax67g 20160925
Zillya Downloader.VB.Win32.24030 20160924
Zoner Trojan.ProxyChanger.J 20160926
Alibaba 20160926
Baidu 20160926
ClamAV 20160926
Jiangmin 20160926
K7AntiVirus 20160926
K7GW 20160926
Kingsoft 20160926
nProtect 20160926
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product sbthost
Original name projetoa.exe
Internal name projetoa
File version 1.00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-05-05 19:44:25
Entry Point 0x00001598
Number of sections 3
PE sections
PE imports
_adj_fdivr_m64
__vbaGenerateBoundsError
_allmul
_adj_fprem
__vbaRedim
__vbaRefVarAry
_adj_fdiv_r
__vbaVarIndexStore
__vbaFixstrConstruct
Ord(100)
__vbaHresultCheckObj
__vbaI2Var
_CIlog
Ord(616)
_adj_fptan
__vbaFileClose
__vbaI4Var
Ord(608)
__vbaFreeStr
__vbaFreeStrList
__vbaVargVarMove
_adj_fdiv_m16i
EVENT_SINK_QueryInterface
Ord(648)
Ord(607)
__vbaLenBstr
Ord(525)
__vbaResume
__vbaRedimPreserve
Ord(681)
Ord(576)
__vbaStrToUnicode
_adj_fdiv_m32i
__vbaExceptHandler
__vbaSetSystemError
DllFunctionCall
__vbaUbound
__vbaFreeVar
Ord(621)
__vbaFileOpen
Ord(711)
__vbaInStrVar
_CIsqrt
EVENT_SINK_Release
__vbaOnError
_adj_fdivr_m32i
__vbaStrCat
__vbaVarDup
__vbaChkstk
__vbaPrintFile
__vbaLsetFixstr
__vbaStrCmp
__vbaAryUnlock
__vbaError
__vbaStrVarCopy
__vbaFreeObjList
Ord(592)
__vbaVarIndexLoad
Ord(666)
__vbaVarForNext
__vbaFreeVarList
__vbaStrVarMove
__vbaExitProc
__vbaVarTstNe
__vbaFreeObj
_adj_fdivr_m32
__vbaStrVarVal
_CIcos
__vbaVarMove
__vbaErrorOverflow
__vbaNew2
__vbaAryDestruct
__vbaStrMove
_adj_fprem1
_adj_fdiv_m32
__vbaLenVar
__vbaEnd
EVENT_SINK_AddRef
_adj_fpatan
Ord(712)
__vbaVarForInit
__vbaVarVargNofree
__vbaStrCopy
Ord(645)
__vbaFPException
_adj_fdivr_m16i
_adj_fdiv_m64
_CIsin
__vbaAryLock
__vbaVarCopy
_CIatan
Ord(617)
__vbaObjSet
__vbaVarCat
_CIexp
__vbaStrToAnsi
_CItan
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 2
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
6.0

ImageVersion
1.0

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

CharacterSet
Unicode

InitializedDataSize
8192

EntryPoint
0x1598

OriginalFileName
projetoa.exe

MIMEType
application/octet-stream

FileVersion
1.0

TimeStamp
2011:05:05 20:44:25+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
projetoa

ProductVersion
1.0

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
20480

ProductName
sbthost

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 a48a68b7fec68edbf5d1534c8e168d49
SHA1 f6560ff419ecb92b33c46c37a158564bf4eff8aa
SHA256 7cb3d5b1ccd83ca32040123fea6e654f3b9e8703dc3d6f21710d476d38cd8396
ssdeep
384:Ccwy/3jQsWyrEg5NB/eYJV+a0Q2j/br7mtdFLAo5NkD3HSTb9:bwW33h7BJUa0Q2j/S6fit

authentihash 10972b4b2b16f28c2adc09f96cf898fd028630404385131dfaba0c86f4dd9953
imphash b107d65fb0dcd1b5f44cc093a0970086
File size 32.0 KB ( 32768 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Microsoft Visual Basic 6 (65.7%)
Win64 Executable (generic) (22.1%)
Win32 Dynamic Link Library (generic) (5.2%)
Win32 Executable (generic) (3.6%)
Generic Win/DOS Executable (1.6%)
Tags
peexe

VirusTotal metadata
First submission 2011-05-06 15:07:50 UTC ( 7 years, 9 months ago )
Last submission 2014-04-23 18:12:05 UTC ( 4 years, 10 months ago )
File names formulario.exe
f6560ff419ecb92b33c46c37a158564bf4eff8aa.exe
file-2205337_swat
projetoa.exe
5dbd79f51a79bc91412754a1d830f4f2
a48a68b7fec68edbf5d1534c8e168d49
formulario.exe
LJ1OUXzb9.chm
projetoa
2011-05-07_22-21-13_79603_download.exe.vir
acesso.php
40 (43)
formulario[1].exe
f6560ff419ecb92b33c46c37a158564bf4eff8aa.bin
841284
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!