SHA256: 817109d3ea13fe1e718defe4a16959f64d966404a3dcfbe6b1aa85cffc3da765
File name: stepup.exe
Detection ratio: 52 / 66
Analysis date: 2017-10-04 18:24:51 UTC ( 1 year, 6 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Trickbot.4 20171004
AegisLab Heur.Advml.Gen!c 20171004
AhnLab-V3 Trojan/Win32.Bublik.C1620407 20171004
ALYac Gen:Variant.Trickbot.4 20171004
Arcabit Trojan.Trickbot.4 20171004
Avast Win32:Cryptor 20171004
AVG Win32:Cryptor 20171004
Avira (no cloud) TR/Crypt.ZPACK.mgzlj 20171004
AVware LooksLike.Win32.Crowti.b (v) 20171004
Baidu Win32.Trojan.Agent.avs 20170930
BitDefender Gen:Variant.Trickbot.4 20171004
Bkav W32.FamVT.RazyNHmA.Trojan 20171004
CAT-QuickHeal Trojan.Mauvaise.SL1 20171004
Comodo Worm.Win32.Dorkbot.LA 20171004
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20170804
Cylance Unsafe 20171004
Cyren W32/S-e2e07e9d!Eldorado 20171004
DrWeb Trojan.Inject2.30930 20171004
Emsisoft Gen:Variant.Trickbot.4 (B) 20171004
Endgame malicious (high confidence) 20170821
ESET-NOD32 a variant of Win32/Kryptik.FHYI 20171004
F-Prot W32/S-e2e07e9d!Eldorado 20171004
F-Secure Gen:Variant.Trickbot.4 20171004
Fortinet W32/Kryptik.FIOG!tr 20171004
GData Gen:Variant.Trickbot.4 20171004
Ikarus Trojan.Win32.Crypt 20171004
Sophos ML heuristic 20170914
K7AntiVirus Trojan ( 004fabdf1 ) 20171004
K7GW Trojan ( 004fabdf1 ) 20171004
Kaspersky Trojan.Win32.Bublik.eskd 20171004
MAX malware (ai score=81) 20171004
McAfee Trojan-FJXB!47D9E7C46492 20171004
McAfee-GW-Edition Trojan-FJXB!47D9E7C46492 20171004
eScan Gen:Variant.Trickbot.4 20171004
NANO-Antivirus Trojan.Win32.Inject.ehjlby 20171004
Palo Alto Networks (Known Signatures) generic.ml 20171004
Panda Trj/Genetic.gen 20171004
Qihoo-360 Win32/Trojan.BO.fbb 20171004
Rising Malware.Obscure/Heur!1.A121 (CLASSIC) 20171004
SentinelOne (Static ML) static engine - malicious 20171001
Sophos AV Mal/Generic-S 20171004
SUPERAntiSpyware Trojan.Agent/Gen-Midie 20171004
Symantec Trojan.Gen 20171004
Tencent Win32.Trojan.Trickbot.Pfjt 20171004
TrendMicro WORM_HPKASIDET.SM0 20171004
TrendMicro-HouseCall WORM_HPKASIDET.SM0 20171004
VIPRE LooksLike.Win32.Crowti.b (v) 20171004
ViRobot Trojan.Win32.S.Downloader.344576.B 20171004
Webroot Trojan.Dropper.Gen 20171004
Yandex Trojan.Kryptik!9wZLOgx/e/E 20171004
Zillya Trojan.Kryptik.Win32.1248621 20171004
ZoneAlarm by Check Point Trojan.Win32.Bublik.eskd 20171004
Alibaba 20170911
Antiy-AVL 20171004
Avast-Mobile 20171004
ClamAV 20171004
CMC 20171004
Jiangmin 20171004
Kingsoft 20171004
Malwarebytes 20171004
Microsoft 20171004
nProtect 20171004
Symantec Mobile Insight 20171004
TheHacker 20171002
TotalDefense 20171004
Trustlook 20171004
VBA32 20171004
WhiteArmor 20170927
Zoner 20171004
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2004 stallShd Software Corp.
Product SmartSound Quicktracks Plugin
Original name stepup.exe
Internal name stepup.exe
File version 3.0.6.0
Description aunch
Comments
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-10-14 15:08:33
Entry Point 0x000039C4
Number of sections 4
PE sections
PE imports
GetFileTitleW
SetDIBits
GetWindowExtEx
SetMapMode
TextOutW
CreateFontIndirectW
SetBkMode
SetStretchBltMode
CreatePen
GetRgnBox
SaveDC
GdiFlush
SetICMMode
CreateRectRgnIndirect
CreateBrushIndirect
GetClipBox
GetTextMetricsW
GetDeviceCaps
OffsetViewportOrgEx
DeleteDC
RestoreDC
GetMapMode
LineTo
DeleteObject
GetObjectW
SetDIBitsToDevice
CreateDIBSection
SetTextColor
SelectObject
MoveToEx
ExtTextOutW
CreateBitmap
RectVisible
BitBlt
SetViewportOrgEx
ScaleWindowExtEx
SetBkColor
PtVisible
GetDIBits
ExtSelectClipRgn
CreateRoundRectRgn
CreateCompatibleDC
GetTextExtentPoint32W
GdiAlphaBlend
StretchDIBits
ScaleViewportExtEx
CreateRectRgn
CreateFontIndirectA
GetBkColor
SetWindowExtEx
GetTextColor
GetStockObject
Escape
GetViewportExtEx
SetViewportExtEx
CreateCompatibleBitmap
GetStdHandle
GetConsoleOutputCP
WaitForSingleObject
GetDriveTypeA
FindFirstFileW
HeapDestroy
GetFileAttributesW
GetExitCodeProcess
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
LoadLibraryExW
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetFileTime
GetTempPathA
GetCPInfo
GetStringTypeA
FindResourceExW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetFullPathNameA
FreeLibrary
LocalFree
FormatMessageW
InitializeCriticalSection
LoadResource
FindClose
InterlockedDecrement
SetFileAttributesW
SetLastError
GetSystemTime
ReadConsoleInputA
GlobalFindAtomW
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
GetVersionExA
GetModuleFileNameA
LoadLibraryExA
GetPrivateProfileStringA
SetConsoleCtrlHandler
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetPrivateProfileStringW
GetModuleHandleA
GlobalAddAtomW
CreateThread
MoveFileExW
GetSystemDirectoryW
SetUnhandledExceptionFilter
MulDiv
ExitThread
SetEnvironmentVariableA
GlobalMemoryStatus
CreateSemaphoreW
WriteConsoleA
GetVersion
VirtualQuery
CreateEventW
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
CloseHandle
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
LoadLibraryW
GetVersionExW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
CopyFileW
GetStartupInfoA
GetWindowsDirectoryW
GetFileSize
LCMapStringW
OpenProcess
DeleteFileA
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
CompareStringW
GetFileSizeEx
RemoveDirectoryW
ExpandEnvironmentStringsW
lstrcmpA
FindNextFileW
CompareStringA
FindNextFileA
TerminateProcess
lstrcmpW
ExpandEnvironmentStringsA
SetEvent
GetTempPathW
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
FlushConsoleInputBuffer
GlobalDeleteAtom
SetConsoleMode
GetSystemInfo
lstrlenA
GlobalFree
GetConsoleCP
FindResourceW
LCMapStringA
GetEnvironmentStringsW
GlobalUnlock
GlobalAlloc
lstrlenW
CreateProcessW
GetEnvironmentStrings
WritePrivateProfileStringA
GetCurrentProcessId
LockResource
GetCommandLineW
GetCurrentDirectoryA
HeapSize
GetCommandLineA
WritePrivateProfileStringW
RaiseException
TlsFree
SetFilePointer
ReadFile
FindFirstFileA
GetACP
GlobalLock
GetModuleHandleW
FreeResource
SizeofResource
WideCharToMultiByte
IsValidCodePage
HeapCreate
WriteFile
VirtualFree
Sleep
OpenSemaphoreW
VirtualAlloc
ResetEvent
InsertMenuA
IsClipboardFormatAvailable
MapVirtualKeyA
IsWindow
LoadIconA
IsWindowVisible
IsZoomed
KillTimer
LoadCursorFromFileA
InsertMenuW
LoadCursorA
MessageBeep
IsIconic
LoadBitmapA
InvalidateRect
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
OleUninitialize
OleInitialize
StgCreateDocfileOnILockBytes
CoCreateInstance
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
CoTaskMemFree
CreateILockBytesOnHGlobal
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
SERBIAN ARABIC TUNISIA 1
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion 5.0
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 9.0.333.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x0002
CharacterSet Windows, Latin1
InitializedDataSize 265728
EntryPoint 0x39c4
OriginalFileName stepup.exe
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2004 stallShd Software Corp.
FileVersion 3.0.6.0
TimeStamp 2016:10:14 16:08:33+01:00
FileType Win32 EXE
PEType PE32
InternalName stepup.exe
ProductVersion 3.0.6.0
FileDescription aunch
OSVersion 5.0
FileOS Windows 16-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName SmartSound Software Inc
CodeSize 77824
ProductName SmartSound Quicktracks Plugin
ProductVersionNumber 9.0.0.0
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 47d9e7c464927052ca0d22af7ad61f5d
SHA1 eaf71520e8554b73f5b95a3daacf9aa21754d979
SHA256 817109d3ea13fe1e718defe4a16959f64d966404a3dcfbe6b1aa85cffc3da765
ssdeep 6144:gNtmXPzI3Z4fcZnPPZPI7rAzS3OFzaLN9CXygK0:gNA83GcJPBI7M23Och92PF
authentihash ca7bd66797d99c58b4d5d814cc7cfec66b43db1459c174792466ab5b4fffe02f
imphash 3157894ec9a155ed2a1fd1269691e30a
File size 336.5 KB ( 344576 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2016-10-14 15:21:30 UTC ( 2 years, 6 months ago )
Last submission 2016-10-16 20:16:47 UTC ( 2 years, 6 months ago )
File names packed_fleercivet.bin
stepup.exe
9a3d458322d70046f63dfd8b0153ece4_clicool.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Written files
Created processes
Opened mutexes
Runtime DLLs
UDP communications