SHA256: 824864222d7d7997ce4b7f6dc2d289b9764185d2f8a0c9d8a0e3b89743aba86c
File name: PiggyBank.exe
Detection ratio: 24 / 50
Analysis date: 2014-02-02 14:55:58 UTC ( 3 years, 8 months ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.1429429 20140202
AntiVir TR/Drop.Agent.mwm.16 20140202
BitDefender Trojan.GenericKD.1429429 20140202
Emsisoft Trojan.GenericKD.1429429 (B) 20140202
F-Secure Trojan.GenericKD.1429429 20140202
GData Trojan.GenericKD.1429429 20140202
Ikarus Trojan.SuspectCRC 20140202
Jiangmin Trojan/Generic.bgdet 20140202
K7AntiVirus Trojan ( 0040f6f11 ) 20140131
K7GW Trojan ( 0040f6f11 ) 20140131
Kingsoft Win32.Troj.Generic.a.(kcloud) 20130829
McAfee Artemis!7C8E45069C3C 20140202
McAfee-GW-Edition Artemis!7C8E45069C3C 20140202
eScan Trojan.GenericKD.1429429 20140202
NANO-Antivirus Trojan.Win32.Llac.cqobuz 20140202
Norman Troj_Generic.RQPUM 20140202
nProtect Trojan.GenericKD.1429429 20140202
Panda Trj/dtcontx.I 20140202
Qihoo-360 Win32/Trojan.Dropper.2ce 20140126
Rising PE:Trojan.Sulunch!6.665 20140202
Symantec Trojan.ADH 20140202
TrendMicro-HouseCall TROJ_GEN.F47V1120 20140202
VBA32 Trojan.Siscos 20140131
VIPRE Corrupted File (v) 20140202
Yandex 20140202
AhnLab-V3 20140202
Antiy-AVL 20140202
Avast 20140202
AVG 20140202
Baidu-International 20140202
Bkav 20140125
ByteHero 20140126
CAT-QuickHeal 20140202
ClamAV 20140202
CMC 20140122
Commtouch 20140202
Comodo 20140202
DrWeb 20140202
ESET-NOD32 20140202
F-Prot 20140201
Fortinet 20140202
Kaspersky 20140202
Malwarebytes 20140202
Microsoft 20140202
Sophos AV 20140202
SUPERAntiSpyware 20140201
TheHacker 20140201
TotalDefense 20140202
TrendMicro 20140202
ViRobot 20140202
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright 2013 andarazoroflove.org
Product PiggyBank
File version 0.9.7.0
Description OSS GUI Client for Pennies
Packers identified
PEiD Armadillo v1.71
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-02-26 19:39:54
Entry Point 0x00005FE4
Number of sections 4
PE sections
PE imports
GetLastError
HeapFree
GetStdHandle
LCMapStringW
SetHandleCount
WaitForSingleObject
GetOEMCP
LCMapStringA
HeapDestroy
ExitProcess
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
RtlUnwind
LoadLibraryA
FreeEnvironmentStringsA
HeapAlloc
GetCurrentProcess
GetEnvironmentStrings
CreateDirectoryA
DeleteFileA
GetCPInfo
UnhandledExceptionFilter
MultiByteToWideChar
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
SetStdHandle
GetModuleHandleA
GetTempPathA
WideCharToMultiByte
GetStringTypeA
SetFilePointer
ReadFile
WriteFile
GetStartupInfoA
CloseHandle
GetACP
HeapReAlloc
GetStringTypeW
TerminateProcess
HeapCreate
VirtualFree
Sleep
GetFileType
SetEndOfFile
CreateFileA
GetTickCount
GetVersion
VirtualAlloc
ShellExecuteExA
timeGetTime
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 2
NEUTRAL 1
PE resources
ExifTool file metadata
SubsystemVersion 4.0
InitializedDataSize 28672
ImageVersion 0.0
ProductName PiggyBank
FileVersionNumber 0.9.7.0
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 6.0
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 0.9.7.0
TimeStamp 2013:02:26 20:39:54+01:00
FileType Win32 EXE
PEType PE32
FileAccessDate 2014:03:31 17:45:29+01:00
ProductVersion 0.9.7.0
FileDescription OSS GUI Client for Pennies
OSVersion 4.0
FileCreateDate 2014:03:31 17:45:29+01:00
FileOS Windows NT 32-bit
LegalCopyright 2013 andarazoroflove.org
MachineType Intel 386 or later, and compatibles
CodeSize 45056
FileSubtype 0
ProductVersionNumber 0.9.7.0
EntryPoint 0x5fe4
ObjectFileType Dynamic link library

Compressed bundles
File identification
MD5 7c8e45069c3c05b9c43c2e71fa43794a
SHA1 3c91f77cdddb47ce07840871521f6f14498064b0
SHA256 824864222d7d7997ce4b7f6dc2d289b9764185d2f8a0c9d8a0e3b89743aba86c
ssdeep 196608:H8nMosmC0KUtbldjAsE/I7KdKReORxUjuQP:UMWKUFldjAsE/I7Kiebjuy
imphash a04f32913d3ef18e07d2c1e3f373c264
File size 6.8 MB ( 7151852 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags corrupt peexe armadillo

VirusTotal metadata
First submission 2013-11-20 04:51:05 UTC ( 3 years, 11 months ago )
Last submission 2014-02-02 14:55:58 UTC ( 3 years, 8 months ago )
File names 7c8e45069c3c05b9c43c2e71fa43794a
PiggyBank.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight