× Cookies are disabled! This site requires cookies to be enabled to work properly
VirusTotal
SHA256: 7fa57da2dff49332f13ea92e633db8c7cf448ff51b489d000f5208d0d6272240
File name: 93ecee56d34b410bb34c27aeedb2f386.virus
Detection ratio: 34 / 57
Analysis date: 2016-05-11 02:40:11 UTC ( 2 years, 9 months ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.GenericKD.3213734 20160511
AegisLab W32.W.Sohanad.lIgP 20160510
ALYac Trojan.GenericKD.3213734 20160511
Antiy-AVL Trojan/Win32.Bublik 20160511
Arcabit Trojan.Generic.D3109A6 20160511
Avast Win32:Malware-gen 20160511
AVG Crypt_r.BZD 20160511
Avira (no cloud) TR/Crypt.ZPACK.wsig 20160511
AVware Trojan.Win32.Generic!BT 20160511
BitDefender Trojan.GenericKD.3213734 20160511
Cyren W32/Trojan.EGPN-5788 20160511
DrWeb BackDoor.IRC.NgrBot.566 20160511
Emsisoft Trojan.GenericKD.3213734 (B) 20160511
ESET-NOD32 a variant of Win32/Kryptik.EWSS 20160510
F-Secure Trojan.GenericKD.3213734 20160511
Fortinet W32/Bourben.ADA!tr 20160510
GData Trojan.GenericKD.3213734 20160510
Jiangmin Trojan.Bublik.bfr 20160511
K7AntiVirus Trojan ( 004ee5761 ) 20160510
K7GW Trojan ( 004ee5761 ) 20160511
Kaspersky Trojan.Win32.Bublik.eimf 20160511
McAfee Gamarue-FFP!93ECEE56D34B 20160511
McAfee-GW-Edition BehavesLike.Win32.Backdoor.dh 20160511
eScan Trojan.GenericKD.3213734 20160511
NANO-Antivirus Trojan.Win32.ZPACK.eccnbl 20160511
nProtect Trojan.GenericKD.3213734 20160510
Panda Trj/GdSda.A 20160510
Rising Trojan.Kryptik!1.A32E 20160511
Sophos AV Mal/Generic-S 20160511
Symantec Suspicious.Cloud.9 20160511
Tencent Win32.Trojan.Kryptik.Huzk 20160511
TrendMicro TROJ_FORUCON.BMC 20160511
TrendMicro-HouseCall TROJ_FORUCON.BMC 20160511
VIPRE Trojan.Win32.Generic!BT 20160511
AhnLab-V3 20160510
Alibaba 20160511
Baidu 20160510
Baidu-International 20160510
Bkav 20160510
CAT-QuickHeal 20160510
ClamAV 20160509
CMC 20160510
Comodo 20160511
F-Prot 20160511
Ikarus 20160510
Kingsoft 20160511
Malwarebytes 20160511
Microsoft 20160510
Qihoo-360 20160511
SUPERAntiSpyware 20160511
TheHacker 20160510
TotalDefense 20160511
VBA32 20160510
ViRobot 20160510
Yandex 20160510
Zillya 20160510
Zoner 20160511
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-05-07 15:01:36
Entry Point 0x000059D7
Number of sections 6
PE sections
PE imports
[+] ADVAPI32.dll
RegCreateKeyExW
RegCloseKey
LookupAccountSidW
RegCreateKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegEnumKeyW
RegDeleteKeyW
RegSetValueW
RegQueryValueExW
GetFileSecurityW
OpenProcessToken
DeregisterEventSource
RegOpenKeyExW
SetFileSecurityW
RegisterEventSourceA
SetTokenInformation
RegOpenKeyW
LookupAccountNameW
RegQueryValueW
GetTokenInformation
DuplicateTokenEx
GetUserNameW
RegQueryInfoKeyW
RegEnumKeyExW
OpenThreadToken
GetLengthSid
CreateProcessAsUserW
RegDeleteValueW
RegSetValueExW
RegEnumValueW
EqualSid
ReportEventA
[+] GDI32.dll
SetDIBits
GetTextMetricsW
SetMapMode
GetWindowOrgEx
GetNearestColor
GetPaletteEntries
CombineRgn
PlayMetaFile
GetROP2
GetViewportOrgEx
GetObjectType
CreateMetaFileW
SetColorAdjustment
GetBoundsRect
SetLayout
StretchBlt
SetPixel
EndDoc
IntersectClipRect
OffsetWindowOrgEx
CreateEllipticRgn
GetColorSpace
GetTextFaceW
CreatePalette
CreateDIBitmap
GetPolyFillMode
GetDIBits
SetTextAlign
GdiAlphaBlend
StretchDIBits
ScaleViewportExtEx
ArcTo
SetICMMode
CloseMetaFile
SetViewportExtEx
ExtCreatePen
SetBkColor
GetBkColor
SetRectRgn
MoveToEx
GetTextCharsetInfo
TextOutW
GetSystemPaletteEntries
OffsetRgn
GetCurrentPositionEx
CreateRectRgnIndirect
LPtoDP
GetBitmapBits
GetLayout
PolyDraw
ExcludeClipRect
OffsetViewportOrgEx
SetBkMode
EnumFontFamiliesW
PtInRegion
OffsetClipRgn
BitBlt
GetDeviceCaps
FillRgn
SetAbortProc
FrameRgn
SelectPalette
PtVisible
GetLogColorSpaceW
ExtSelectClipRgn
StartDocW
ScaleWindowExtEx
SetROP2
EndPage
GetNearestPaletteIndex
SetDIBColorTable
SetDIBitsToDevice
GetTextColor
Escape
SetWindowExtEx
DeleteObject
SetGraphicsMode
PlayMetaFileRecord
GetWindowExtEx
PatBlt
CreatePen
AddFontResourceW
GetClipBox
Rectangle
PolylineTo
GetObjectA
CreateDCA
LineTo
DeleteDC
SetWorldTransform
GetMapMode
CreateFontIndirectW
GetCharWidthW
StartPage
GetObjectW
CreateDCW
RealizePalette
CreateHatchBrush
CreateDIBPatternBrushPt
ExtTextOutW
SetPaletteEntries
CreateBitmap
RectVisible
GetStockObject
GetRgnBox
GdiFlush
SelectClipRgn
RoundRect
GetTextAlign
SetWindowOrgEx
SelectObject
GetViewportExtEx
SetTextCharacterExtra
GetTextExtentPoint32W
CreatePatternBrush
CreatePolygonRgn
Polygon
GetBkMode
SaveDC
EnumMetaFile
ModifyWorldTransform
RestoreDC
GetPixel
SetMapperFlags
GetStretchBltMode
SelectClipPath
CreateDIBSection
SetTextColor
ExtFloodFill
GetCurrentObject
SetPixelV
EnumFontFamiliesExW
SetViewportOrgEx
SetArcDirection
CreateRoundRectRgn
CreateCompatibleDC
PolyBezierTo
CreateFontW
SetStretchBltMode
SetBrushOrgEx
CreateRectRgn
GetClipRgn
SetPolyFillMode
CopyMetaFileW
Ellipse
SetTextJustification
CreateSolidBrush
Polyline
DPtoLP
AbortDoc
CreateCompatibleBitmap
DeleteMetaFile
[+] KERNEL32.dll
GetProfileIntW
GetStdHandle
GetDriveTypeW
GetConsoleOutputCP
FileTimeToSystemTime
WaitForSingleObject
FindNextFileA
HeapDestroy
GetPrivateProfileSectionNamesW
ReplaceFileW
IsValidLocale
GetFileAttributesW
DuplicateHandle
GetExitCodeProcess
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
EnumSystemLocalesW
LocalAlloc
FreeEnvironmentStringsW
GetVolumeInformationW
SetErrorMode
_llseek
VerifyVersionInfoW
GetFileInformationByHandle
GetLocaleInfoW
SetStdHandle
GetFileTime
WideCharToMultiByte
GetStringTypeA
GetDiskFreeSpaceW
WriteFile
GetTimeZoneInformation
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetFullPathNameA
SetEvent
LocalFree
FormatMessageW
ResumeThread
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
TlsGetValue
MoveFileW
SetFileAttributesW
EncodePointer
OutputDebugStringA
WritePrivateProfileStringW
GetEnvironmentVariableW
SetLastError
LocalLock
GetSystemTime
ReadConsoleInputA
CopyFileW
OutputDebugStringW
GetModuleFileNameW
TryEnterCriticalSection
CopyFileA
ExitProcess
FlushFileBuffers
GetModuleFileNameA
GetStringTypeExW
lstrcmpiW
RaiseException
SetThreadPriority
GetSystemDefaultLCID
LoadLibraryExW
MultiByteToWideChar
GetLocalTime
SetFilePointerEx
GetPrivateProfileStringW
GetModuleHandleA
_lclose
GetFullPathNameW
GlobalAddAtomW
CreateThread
GetSystemDefaultUILanguage
MoveFileExW
GetSystemDirectoryW
CreatePipe
CreateSemaphoreW
MulDiv
IsProcessorFeaturePresent
ExitThread
SetHandleInformation
SetEnvironmentVariableA
TerminateProcess
SetUnhandledExceptionFilter
InterlockedDecrement
GetVersion
GetModuleHandleExW
SetCurrentDirectoryW
GlobalAlloc
LocalFileTimeToFileTime
GetDiskFreeSpaceExW
SetEndOfFile
GetLocaleInfoA
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
CloseHandle
CreateToolhelp32Snapshot
AreFileApisANSI
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
PeekNamedPipe
SetHandleCount
TerminateThread
LoadLibraryW
GlobalGetAtomNameW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
GetVersionExA
LoadLibraryA
RtlUnwind
GlobalFindAtomW
GlobalSize
GetStartupInfoA
UnlockFile
SystemTimeToFileTime
GetWindowsDirectoryW
DecodePointer
GetFileSize
LCMapStringW
OpenProcess
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetUserDefaultLCID
GetPrivateProfileIntW
GetProcessHeap
GetTempFileNameW
CompareStringW
lstrcpyW
GetFileSizeEx
GlobalReAlloc
RemoveDirectoryW
ExpandEnvironmentStringsW
lstrcmpA
FindFirstFileExA
FindNextFileW
GetUserDefaultUILanguage
ResetEvent
FindFirstFileW
GlobalMemoryStatus
lstrcmpW
WaitForMultipleObjects
GetProcAddress
_lread
GetTempPathW
CreateEventW
SearchPathW
CreateFileW
WriteConsoleA
GetNumberOfConsoleInputEvents
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LocalUnlock
LeaveCriticalSection
GetLastError
LocalReAlloc
FlushConsoleInputBuffer
GlobalDeleteAtom
GetShortPathNameW
HeapCreate
GetSystemInfo
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GetTimeFormatW
IsDebuggerPresent
GetThreadLocale
GetEnvironmentStringsW
GlobalUnlock
VirtualQuery
lstrlenW
Process32NextW
VirtualFree
OpenFile
LockFile
Module32FirstW
FileTimeToLocalFileTime
SizeofResource
GetCurrentDirectoryW
HeapSize
GetCurrentProcessId
LockResource
SetFileTime
GetCommandLineW
HeapQueryInformation
GetCPInfo
GetAtomNameW
GetCommandLineA
FindFirstFileExW
VerSetConditionMask
Process32FirstW
GetCurrentThread
SuspendThread
GetSystemDefaultLangID
ReadConsoleW
UnhandledExceptionFilter
TlsFree
SetFilePointer
ReadFile
GlobalFlags
FindFirstFileA
PeekConsoleInputA
GetACP
GlobalLock
GetModuleHandleW
FreeResource
_lwrite
GetFileAttributesExW
FindResourceExW
GetEnvironmentStrings
IsValidCodePage
SetConsoleMode
FindResourceW
CreateProcessW
FatalAppExitA
Sleep
SetConsoleCtrlHandler
SystemTimeToTzSpecificLocalTime
OpenSemaphoreW
VirtualAlloc
GetOEMCP
CompareStringA
[+] SHELL32.dll
DragQueryFileW
ShellExecuteW
SHCreateDirectoryExW
SHBrowseForFolderW
SHGetFolderPathW
ExtractIconW
SHGetPathFromIDListW
FindExecutableW
SHGetSpecialFolderLocation
ShellExecuteExW
SHAppBarMessage
SHGetFileInfoW
SHGetDesktopFolder
SHAddToRecentDocs
SHGetSpecialFolderPathW
SHGetMalloc
CommandLineToArgvW
DragFinish
[+] SHLWAPI.dll
PathIsRelativeW
SHDeleteKeyW
PathFindFileNameW
SHStrDupW
PathRemoveFileSpecW
PathIsUNCW
PathFindExtensionW
StrFormatKBSizeW
SHDeleteValueW
PathStripToRootW
AssocQueryStringW
PathIsRootW
PathIsDirectoryW
PathRemoveExtensionW
[+] USER32.dll
RedrawWindow
GetMessagePos
SetWindowRgn
SetMenuItemBitmaps
LoadBitmapW
MoveWindow
EnableScrollBar
DestroyMenu
PostQuitMessage
GetForegroundWindow
DrawStateW
SetWindowPos
SetScrollPos
IsWindow
GrayStringW
ScreenToClient
ScrollWindowEx
OpenIcon
WindowFromPoint
GetMessageTime
SetMenuItemInfoW
SendMessageW
SetActiveWindow
DispatchMessageW
GetAsyncKeyState
MapDialogRect
GetMenuStringW
GetMenu
UnregisterClassW
GetClassInfoW
CreateAcceleratorTableW
DefWindowProcW
GetWindow
GetNextDlgTabItem
InSendMessage
CallNextHookEx
IsClipboardFormatAvailable
LoadImageW
GetKeyboardState
GetActiveWindow
OpenClipboard
GetWindowTextW
SetDlgItemTextW
CopyAcceleratorTableW
GetWindowTextLengthW
GetTabbedTextExtentW
LoadAcceleratorsW
ScrollWindow
GetWindowTextA
InvalidateRgn
DrawTextW
CopyImage
PtInRect
DrawEdge
GetUserObjectInformationW
GetClassInfoExW
UpdateWindow
EnumDisplayMonitors
EqualRect
SetClassLongW
EnumWindows
CheckRadioButton
MapVirtualKeyExW
GetMessageW
ShowWindow
DrawFrameControl
GetNextDlgGroupItem
SetPropW
ValidateRect
DefMDIChildProcW
PeekMessageW
SetWindowsHookExW
InsertMenuItemW
SetWindowPlacement
GetDC
CharUpperW
MapWindowPoints
RemovePropW
LoadIconW
TranslateMessage
IsWindowEnabled
GetDlgItemTextW
GetMenuDefaultItem
GetDlgItemInt
SetClipboardData
GetMenuBarInfo
GetIconInfo
SetParent
RegisterClassW
IsZoomed
IsWindowVisible
DestroyWindow
WindowFromDC
DrawMenuBar
IsCharLowerW
EnableMenuItem
InvertRect
TrackPopupMenuEx
DrawFocusRect
SetTimer
LoadStringW
IsDialogMessageW
FillRect
MonitorFromPoint
SetWindowContextHelpId
DeferWindowPos
GetDialogBaseUnits
RealChildWindowFromPoint
CreateWindowExW
TabbedTextOutW
EndPaint
GetUpdateRect
CharNextW
GetDoubleClickTime
IsChild
SetFocus
RegisterWindowMessageW
GetMonitorInfoW
ReleaseCapture
EmptyClipboard
BeginPaint
OffsetRect
EndDialog
GetScrollPos
CopyIcon
KillTimer
MapVirtualKeyW
GetComboBoxInfo
SendNotifyMessageW
GetClipboardData
GetParent
ToUnicodeEx
SendDlgItemMessageA
GetSystemMetrics
IsIconic
SetScrollRange
GetWindowRect
InflateRect
SetMenuDefaultItem
SetCapture
DrawIcon
EnumChildWindows
GetScrollRange
CharLowerW
ShowOwnedPopups
SendDlgItemMessageW
PostMessageW
MonitorFromRect
GetPropW
CharToOemW
CreateDialogParamW
DrawTextExW
WaitMessage
CreatePopupMenu
CheckMenuItem
GetSubMenu
GetClassLongW
GetLastActivePopup
DrawIconEx
CharUpperBuffW
SetWindowTextW
GetDCEx
GetDlgItem
GetMenuCheckMarkDimensions
BringWindowToTop
GetWindowPlacement
ClientToScreen
GetProcessWindowStation
TrackPopupMenu
PostThreadMessageW
GetMenuItemCount
IsDlgButtonChecked
DestroyAcceleratorTable
CheckDlgButton
SetDlgItemInt
GetKeyboardLayout
LoadCursorW
GetSystemMenu
ReuseDDElParam
GetMenuItemID
InsertMenuW
SetForegroundWindow
NotifyWinEvent
GetMenuItemInfoW
GetCursorPos
CreateDialogIndirectParamW
ReleaseDC
IntersectRect
SetLayeredWindowAttributes
GetScrollInfo
ModifyMenuW
HideCaret
CopyRect
GetCapture
GetDlgCtrlID
GetShellWindow
SetWindowLongW
MessageBeep
LoadMenuW
RemoveMenu
GetWindowThreadProcessId
GetSysColorBrush
ShowScrollBar
MessageBoxW
DefFrameProcW
LockWindowUpdate
GetMenuState
RegisterClassExW
SetMenu
SetRectEmpty
DialogBoxParamW
MessageBoxA
AppendMenuW
GetWindowDC
DestroyCursor
AdjustWindowRectEx
SendMessageTimeoutW
GetSysColor
RegisterClipboardFormatW
SetScrollInfo
GetKeyState
EndDeferWindowPos
GetWindowRgn
UpdateLayeredWindow
TrackMouseEvent
DestroyIcon
GetTopWindow
GetWindowLongW
BeginDeferWindowPos
WinHelpW
GetDesktopWindow
SubtractRect
UnpackDDElParam
SetCursorPos
SystemParametersInfoW
UnionRect
MonitorFromWindow
FrameRect
SetRect
DeleteMenu
GetKeyNameTextW
CallWindowProcW
GetClassNameW
InvalidateRect
TranslateMDISysAccel
GetClientRect
IsRectEmpty
IsMenu
GetFocus
CreateMenu
EnableWindow
CloseClipboard
SetCursor
UnhookWindowsHookEx
TranslateAcceleratorW
[+] WININET.dll
FindCloseUrlCache
InternetQueryOptionW
DeleteUrlCacheEntryA
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
InternetSetCookieExW
InternetGetCookieExW
[+] WINMM.dll
PlaySoundW
[+] WINSPOOL.DRV
DocumentPropertiesW
GetJobW
ClosePrinter
OpenPrinterW
[+] urlmon.dll
UrlMkGetSessionOption
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2016:05:07 16:01:36+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
87552

LinkerVersion
9.0

EntryPoint
0x59d7

InitializedDataSize
197120

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

File identification
MD5 93ecee56d34b410bb34c27aeedb2f386
SHA1 a95264dde89ffb49fd3c566c2aeb50f62e34ceab
SHA256 7fa57da2dff49332f13ea92e633db8c7cf448ff51b489d000f5208d0d6272240
ssdeep
6144:VQeYZEhbjoCbOGtnipPWriS1DU5WBHug20WtEct:VZYqjotuycBbguS

authentihash e6aef4810e0af46f585685478322eb9c68abfe412c2e10befc8c67ad09845be9
imphash 639ea4ffd80d6e2cb062afac6bcfc3c1
File size 279.0 KB ( 285696 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe

VirusTotal metadata
First submission 2016-05-11 02:40:11 UTC ( 2 years, 9 months ago )
Last submission 2016-05-11 02:40:11 UTC ( 2 years, 9 months ago )
File names 93ecee56d34b410bb34c27aeedb2f386.virus
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!
More comments

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

Sign in Join the community
No votes. No one has voted on this item yet, be the first one to do so!
More votes
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Runtime DLLs
Blog | Twitter | Contact us | ToS | Privacy policy