× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 8000e77ea6852d14dd6f151e0b66feabfa742940b8a391e681293097a11feeef
File name: libcurl.exe
Detection ratio: 32 / 41
Analysis date: 2012-04-18 16:30:00 UTC ( 5 years, 5 months ago ) View latest
Antivirus Result Update
AhnLab-V3 Dropper/Win32.Injector 20120417
AntiVir TR/Spy.Gen 20120418
Antiy-AVL Trojan/win32.agent.gen 20120418
Avast Win32:Malware-gen 20120418
AVG Dropper.Generic5.BNJG 20120418
BitDefender Worm.Generic.369518 20120418
ClamAV Trojan.Spy-75681 20120418
Commtouch W32/Trojan2.MMBV 20120418
Comodo UnclassifiedMalware 20120418
DrWeb Trojan.Packed.22385 20120418
Emsisoft Riskware.MSIL!IK 20120418
eSafe Win32.TRSpy 20120417
eTrust-Vet Win32/Fignotok.AU 20120418
F-Prot W32/Trojan2.MMBV 20120417
F-Secure Worm.Generic.369518 20120418
Fortinet W32/Injector.WT!tr 20120418
GData Worm.Generic.369518 20120418
Ikarus VirTool.MSIL 20120418
Jiangmin TrojanDropper.Dapato.fkp 20120418
K7AntiVirus Trojan 20120417
McAfee Artemis!15E63AA1A22A 20120418
McAfee-GW-Edition Artemis!15E63AA1A22A 20120418
Microsoft PWS:Win32/Fignotok.A 20120418
NOD32 MSIL/Injector.WT 20120418
Norman W32/Troj_Generic.ATTNO 20120418
nProtect Worm.Generic.369518 20120418
Rising Trojan.Win32.Fednu.azr 20120417
Sophos AV Mal/Generic-L 20120418
Symantec Trojan.Gen 20120418
TrendMicro TSPY_FIGNOTOK.B 20120418
TrendMicro-HouseCall TSPY_FIGNOTOK.B 20120418
VBA32 TrojanDropper.Dapato.amms 20120418
ByteHero 20120417
CAT-QuickHeal 20120418
Kaspersky 20120418
Panda 20120418
PCTools 20120418
SUPERAntiSpyware 20120402
TheHacker 20120418
VIPRE 20120418
ViRobot 20120418
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Original name ß.exe
Internal name ß.exe
File version 0.0.0.0
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-03-14 18:45:16
Entry Point 0x0000CC92
Number of sections 3
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_RCDATA 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 3
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
8.0

ImageVersion
0.0

FileVersionNumber
0.0.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
800768

OriginalFilename
.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
0.0.0.0

TimeStamp
2012:03:14 19:45:16+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
.exe

ProductVersion
0.0.0.0

FileDescription

OSVersion
4.0

FileOS
Win32

LegalCopyright

MachineType
Intel 386 or later, and compatibles

CodeSize
44544

FileSubtype
0

ProductVersionNumber
0.0.0.0

EntryPoint
0xcc92

ObjectFileType
Executable application

AssemblyVersion
0.0.0.0

File identification
MD5 15e63aa1a22afa8481d3de1dc34f039b
SHA1 54d5a31033b34ce5a89bd8c75f75899a109a01be
SHA256 8000e77ea6852d14dd6f151e0b66feabfa742940b8a391e681293097a11feeef
ssdeep
24576:aabGy3blO6NWTlAaO8yCmnO4Qx7ah80UmydJP70K:9oOtPfQ8qdJP70K

File size 826.0 KB ( 845824 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (46.0%)
InstallShield setup (27.0%)
Win64 Executable (generic) (17.3%)
Win32 Dynamic Link Library (generic) (4.1%)
Win32 Executable (generic) (2.8%)
Tags
peexe assembly

VirusTotal metadata
First submission 2012-04-11 16:36:08 UTC ( 5 years, 5 months ago )
Last submission 2012-04-25 22:01:01 UTC ( 5 years, 4 months ago )
File names libcurl.exe
ß.exe
15E63AA1A22AFA8481D3DE1DC34F039B
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!