× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 81e0b821eeddc6cbd3d749911b2c70c9ad0c60dc563b70b9e6f5a06ea5090dcb
File name: load2.exe-thWKCc
Detection ratio: 37 / 46
Analysis date: 2013-01-13 17:25:41 UTC ( 5 years, 8 months ago )
Antivirus Result Update
Yandex Trojan.Kryptik!njO00R+4wfI 20130113
AhnLab-V3 Win-Trojan/Fakeav.126472 20130113
AntiVir TR/Dropper.Gen 20130107
Avast Win32:Malware-gen 20130113
AVG Crypt.XBD 20130113
BitDefender Trojan.Generic.KD.17471 20130111
ClamAV Win.Trojan.Agent-85614 20130113
Commtouch W32/MalwareF.CCLH 20130112
Comodo TrojWare.Win32.Trojan.Agent.~KPY 20130113
DrWeb Trojan.Winlock.2009 20130113
Emsisoft Trojan.Generic.KD.17471 (B) 20130113
ESET-NOD32 Win32/LockScreen.UO 20130113
F-Prot W32/MalwareF.CCLH 20130112
F-Secure Trojan.Generic.KD.17471 20130113
Fortinet W32/Kryptik.DS!tr 20130113
GData Trojan.Generic.KD.17471 20130113
Ikarus Packed.Win32.Katusha 20130113
Jiangmin Packed.Katusha.rml 20121221
K7AntiVirus Trojan 20130111
Kaspersky Packed.Win32.Katusha.o 20130113
Malwarebytes Trojan.Agent 20130113
McAfee Generic FakeAlert!km 20130113
McAfee-GW-Edition Generic FakeAlert!km 20130113
Microsoft Trojan:Win32/Calelk.C 20130113
eScan Trojan.Generic.KD.17471 20130113
Norman W32/Katusha.EA 20130113
nProtect Trojan/W32.Agent.126472.C 20130113
Panda Trj/CI.A 20130113
PCTools Backdoor.Trojan 20130113
Sophos AV Mal/FakeAV-DS 20130113
Symantec Backdoor.Trojan 20130113
TheHacker Trojan/LockScreen.uo 20130112
TotalDefense Win32/Tnega.CYW 20130113
TrendMicro TROJ_FAKEAV.FGZ 20130113
TrendMicro-HouseCall TROJ_FAKEAV.FGZ 20130113
VBA32 Malware-Cryptor.0545 20130112
VIPRE Trojan.Win32.Generic.pak!cobra 20130113
Antiy-AVL 20130113
ByteHero 20130108
CAT-QuickHeal 20130112
eSafe 20130113
Kingsoft 20130107
NANO-Antivirus 20130113
Rising 20130110
SUPERAntiSpyware 20130113
ViRobot 20130113
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
System

File version 4.68
Description System
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1998-07-30 10:55:06
Entry Point 0x00001018
Number of sections 6
PE sections
PE imports
GetCurrentProcessId
FindResourceW
SetUnhandledExceptionFilter
FindAtomA
TlsGetValue
GetTickCount
VirtualProtect
GetCurrentThreadId
GetProcessHeap
PE exports
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_RCDATA 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 3
ENGLISH US 2
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
16896

ImageVersion
0.0

FileVersionNumber
4.6.8.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

CharacterSet
Windows, Latin1

LinkerVersion
2.4

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
4.68

TimeStamp
1998:07:30 11:55:06+01:00

FileType
Win32 EXE

PEType
PE32

FileDescription
System

OSVersion
4.0

FileOS
Unknown (0)

LegalCopyright
System

MachineType
Intel 386 or later, and compatibles

CodeSize
1024

FileSubtype
0

ProductVersionNumber
4.6.8.0

EntryPoint
0x1018

ObjectFileType
Unknown

File identification
MD5 a0246944f0cd760053fde4a67c1adf04
SHA1 6a20ba8424ee70a4d9c25203c1aa3602817e53d9
SHA256 81e0b821eeddc6cbd3d749911b2c70c9ad0c60dc563b70b9e6f5a06ea5090dcb
ssdeep
3072:TaxVfJl751Y6cjd2BVB3tR17vAD4g9YlH0RkorhXdYY:To75udgtx744HykoVdY

File size 123.5 KB ( 126472 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
VXD Driver (0.1%)
Tags
peexe

VirusTotal metadata
First submission 2010-06-24 21:02:37 UTC ( 8 years, 2 months ago )
Last submission 2013-01-13 17:25:41 UTC ( 5 years, 8 months ago )
File names load2.exe-thWKCc
sample_a0246944f0cd760053fde4a67c1adf04
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!