SHA256: 84c278c9ac112f94b324e0f99a6dce7746f17eb60688df88d3fa7d72e4a0f558
File name: Mysic.exe
Detection ratio: 32 / 68
Analysis date: 2017-11-11 12:36:13 UTC ( 1 year, 4 months ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.6178125 20171111
Antiy-AVL Trojan/Win32.Trickster 20171111
Avast FileRepMalware 20171111
AVG FileRepMalware 20171111
Avira (no cloud) TR/Crypt.ZPACK.hrjks 20171111
AVware Trojan.Win32.Generic!BT 20171111
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9965 20171109
BitDefender Trojan.GenericKD.6178125 20171111
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20171016
Cylance Unsafe 20171111
DrWeb Trojan.Trick.45171 20171111
Emsisoft Trojan.GenericKD.6178125 (B) 20171111
Endgame malicious (high confidence) 20171024
ESET-NOD32 a variant of Win32/GenKryptik.BDIT 20171111
F-Secure Trojan.GenericKD.6178125 20171111
Fortinet W32/GenKryptik.BDIT!tr 20171111
GData Trojan.GenericKD.6178125 20171111
Sophos ML heuristic 20170914
Kaspersky Trojan.Win32.Trickster.axp 20171111
McAfee Artemis!06E67970894D 20171111
McAfee-GW-Edition BehavesLike.Win32.PUPXAC.gc 20171111
eScan Trojan.GenericKD.6178125 20171111
Palo Alto Networks (Known Signatures) generic.ml 20171111
Qihoo-360 HEUR/QVM20.1.1A2C.Malware.Gen 20171111
SentinelOne (Static ML) static engine - malicious 20171019
Sophos AV Mal/Generic-S 20171111
Symantec Trojan.Trickybot 20171110
Tencent Win32.Trojan.Trickster.Hpe 20171111
TrendMicro-HouseCall Suspicious_GEN.F47V1110 20171111
VIPRE Trojan.Win32.Generic!BT 20171111
Webroot W32.Malware.Gen 20171111
ZoneAlarm by Check Point Trojan.Win32.Trickster.axp 20171111
AegisLab 20171111
AhnLab-V3 20171111
Alibaba 20170911
ALYac 20171110
Arcabit 20171110
Avast-Mobile 20171111
Bkav 20171111
CAT-QuickHeal 20171110
ClamAV 20171111
CMC 20171109
Comodo 20171111
Cybereason 20171030
Cyren 20171111
eGambit 20171111
F-Prot 20171111
Ikarus 20171111
Jiangmin 20171110
K7AntiVirus 20171111
K7GW 20171111
Kingsoft 20171111
Malwarebytes 20171111
MAX 20171111
Microsoft 20171111
NANO-Antivirus 20171111
nProtect 20171111
Panda 20171111
Rising 20171111
SUPERAntiSpyware 20171111
Symantec Mobile Insight 20171110
TheHacker 20171102
TotalDefense 20171111
TrendMicro 20171111
Trustlook 20171111
VBA32 20171110
ViRobot 20171111
WhiteArmor 20171104
Yandex 20171110
Zillya 20171110
Zoner 20171111
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-06-04 09:38:10
Entry Point 0x00001AA0
Number of sections 4
PE sections
PE imports
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
InitCommonControlsEx
GetLastError
InitializeCriticalSection
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
lstrlenA
GetOEMCP
LCMapStringA
HeapDestroy
HeapAlloc
TlsAlloc
GetEnvironmentStringsW
GetVersionExA
LoadLibraryA
GetCommandLineW
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsA
GetStartupInfoA
GetEnvironmentStrings
lstrcatA
DeleteFileA
WideCharToMultiByte
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
GetTempPathA
GetCPInfo
MapViewOfFile
GetStringTypeA
GetModuleHandleA
WriteFile
GetCurrentProcess
GetACP
HeapReAlloc
GetStringTypeW
GetCurrentThreadId
TerminateProcess
GetEnvironmentVariableA
HeapCreate
lstrcpyA
VirtualFree
InterlockedDecrement
GetFileType
TlsSetValue
CreateFileA
ExitProcess
GetVersion
InterlockedIncrement
VirtualAlloc
SleepEx
SetLastError
LeaveCriticalSection
CommandLineToArgvW
MapWindowPoints
GetMessageA
GetScrollRange
EndDialog
BeginPaint
GetScrollPos
PostQuitMessage
DefWindowProcA
SetWindowPos
DispatchMessageA
EndPaint
EndDeferWindowPos
SetDlgItemTextA
MoveWindow
SetWindowLongA
TranslateMessage
DialogBoxParamA
RegisterClassExA
GetCursorPos
ReleaseDC
SetWindowTextA
ShowCaret
SendMessageA
CreateWindowExA
EnableMenuItem
RegisterClassA
wsprintfA
SetTimer
LoadCursorA
LoadIconA
GetActiveWindow
ModifyMenuW
LockWindowUpdate
GetClassNameA
wsprintfW
OpenClipboard
DestroyWindow
ExifTool file metadata
UninitializedDataSize: 0
LinkerVersion: 14.0
ImageVersion: 0.0
FileSubtype: 0
FileVersionNumber: 2.13.9.1
LanguageCode: Unknown (309C)
FileFlagsMask: 0x0000
FileDescription: Mysic Ltd. gui application
ImageFileCharacteristics: No relocs, Executable, 32-bit
CharacterSet: Unknown (0830)
InitializedDataSize: 277504
EntryPoint: 0x1aa0
OriginalFileName: Mysic
MIMEType: application/octet-stream
FileVersion: 2.13.9.1
TimeStamp: 2016:06:04 11:38:10+02:00
FileType: Win32 EXE
PEType: PE32
ProductVersion: 2.13.9.1
SubsystemVersion: 5.1
OSVersion: 5.1
FileOS: Win32
Subsystem: Windows GUI
MachineType: Intel 386 or later, and compatibles
CompanyName: Mysic Ltd.
CodeSize: 170496
ProductName: Mysic tehno
ProductVersionNumber: 2.13.9.1
FileTypeExtension: exe
ObjectFileType: Executable application

File identification
MD5 06e67970894da9ae379becfa19c0ef64
SHA1 fdbfaa1a2d407dbb1e4535fe98882a0e626327d6
SHA256 84c278c9ac112f94b324e0f99a6dce7746f17eb60688df88d3fa7d72e4a0f558
ssdeep 12288:G9hBdGhzUzapbBcxbt2gwl0W4olzYsY9:GvmzUImZw6CY9
authentihash 74d3477bc6ba90ac8630c417607d17a73a78d4981f1ef6a154978786e7499563
imphash 2b88e88049665d80420b7f1db83ee34e
File size 435.0 KB ( 445440 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win64 Executable (generic) (50.5%)
Microsoft Visual C++ compiled executable (generic) (30.2%)
Win32 Executable (generic) (8.2%)
OS/2 Executable (generic) (3.7%)
Generic Win/DOS Executable (3.6%)
Tags peexe
VirusTotal metadata
First submission 2017-11-10 14:18:48 UTC ( 1 year, 4 months ago )
Last submission 2019-03-16 14:04:11 UTC ( 2 days, 6 hours ago )
File names Mysic.exe
0a9aa58f-cca8-11e7-9f4a-80e65024849a.file
flomingo.png.exe
06e67970894da9ae379becfa19c0ef64.exe
0a9aa58f-cca8-11e7-9f4a-80e65024849a.exe
VirusShare_06e67970894da9ae379becfa19c0ef64
1002-fdbfaa1a2d407dbb1e4535fe98882a0e626327d6
0a9aa68g-dda8-22f7-9g5a-80f76035859a.exe
vvnaigqggl.exe
flomingo.png
Advanced heuristic and reputation engines
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Opened mutexes
Runtime DLLs