SHA256: 84c745f098f15cfb472b640adfe7faa50c09cde586ed73fff282f16f0388bbcb
File name: 7ce7ba6d88d146e7cd49f28d246781b4.virus
Detection ratio: 27 / 53
Analysis date: 2016-07-20 09:00:41 UTC ( 2 years, 7 months ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.3417300 20160720
Arcabit Trojan.Generic.D3424D4 20160720
Avast Win32:Trojan-gen 20160720
AVG Crypt5.BYMV 20160720
Avira (no cloud) TR/AD.Gootkit.Y.stky 20160720
AVware Trojan.Win32.Generic!BT 20160720
BitDefender Trojan.GenericKD.3417300 20160720
Emsisoft Trojan.GenericKD.3417300 (B) 20160720
ESET-NOD32 a variant of Win32/Kryptik.FCIZ 20160720
F-Secure Trojan.GenericKD.3417300 20160720
Fortinet W32/Yakes.FCIZ!tr 20160720
GData Trojan.GenericKD.3417300 20160720
Ikarus Trojan.Win32.Crypt 20160720
K7AntiVirus Trojan ( 004f44b91 ) 20160720
K7GW Trojan ( 004f44b91 ) 20160720
Kaspersky Trojan.Win32.Yakes.qerd 20160720
McAfee RDN/Generic.grp 20160720
McAfee-GW-Edition RDN/Generic.grp 20160719
Microsoft Trojan:Win32/Dynamer!ac 20160720
eScan Trojan.GenericKD.3417300 20160720
Panda Trj/GdSda.A 20160719
Qihoo-360 HEUR/QVM09.0.0000.Malware.Gen 20160720
Sophos AV Mal/Generic-S 20160720
Symantec Trojan.Gen 20160720
Tencent Win32.Trojan.Yakes.Ammp 20160720
TrendMicro TROJ_GEN.R021C0DGJ16 20160720
VIPRE Trojan.Win32.Generic!BT 20160720
AegisLab 20160720
AhnLab-V3 20160720
Alibaba 20160720
ALYac 20160720
Antiy-AVL 20160720
Baidu 20160719
Bkav 20160719
CAT-QuickHeal 20160720
ClamAV 20160720
CMC 20160715
Comodo 20160720
Cyren 20160720
DrWeb 20160720
F-Prot 20160720
Jiangmin 20160720
Kingsoft 20160720
Malwarebytes 20160720
NANO-Antivirus 20160720
nProtect 20160719
SUPERAntiSpyware 20160720
TheHacker 20160720
TotalDefense 20160720
TrendMicro-HouseCall 20160720
VBA32 20160720
ViRobot 20160720
Zillya 20160719
Zoner 20160720
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copy right(c) 2019. All rights reserved.
Product Singwritten Windcharacter
Original name cardengine.exe
Internal name cardengine.exe
File version 1.0.0.1
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2005-08-03 05:18:39
Entry Point 0x0000FFDD
Number of sections 4
PE sections
PE imports
GetStdHandle
GetConsoleOutputCP
HeapDestroy
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
LocalFree
InitializeCriticalSection
TlsGetValue
FormatMessageA
SetLastError
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
GetVersionExA
GetModuleFileNameA
EnumSystemLocalesA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetModuleHandleA
SetUnhandledExceptionFilter
MulDiv
TerminateProcess
WriteConsoleA
GetCurrentThreadId
LeaveCriticalSection
WriteConsoleW
HeapFree
EnterCriticalSection
SetHandleCount
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetWindowsDirectoryW
GetStartupInfoW
GetUserDefaultLCID
GetProcessHeap
IsValidLocale
GetProcAddress
GetFileType
TlsSetValue
CreateFileA
ExitProcess
InterlockedIncrement
GetLastError
LCMapStringW
GetSystemInfo
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
CreateProcessW
GetEnvironmentStrings
GetCurrentProcessId
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
RaiseException
TlsFree
SetFilePointer
ReadFile
CloseHandle
OpenMutexW
GetACP
GetModuleHandleW
IsValidCodePage
HeapCreate
VirtualFree
Sleep
VirtualAlloc
OleUninitialize
CoUninitialize
CoInitialize
OleInitialize
CoCreateInstance
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.0.0.1
LanguageCode English (U.S.)
FileFlagsMask 0x0000
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Windows, Latin1
InitializedDataSize 282624
EntryPoint 0xffdd
OriginalFileName cardengine.exe
MIMEType application/octet-stream
LegalCopyright Copy right(c) 2019. All rights reserved.
FileVersion 1.0.0.1
TimeStamp 2005:08:03 06:18:39+01:00
FileType Win32 EXE
PEType PE32
InternalName cardengine.exe
ProductVersion 1.0.0.1
SubsystemVersion 4.0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 241664
ProductName Singwritten Windcharacter
ProductVersionNumber 1.0.0.1
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 7ce7ba6d88d146e7cd49f28d246781b4
SHA1 f49aa244a80afda9a5fb6fe103d956710dbf7e2c
SHA256 84c745f098f15cfb472b640adfe7faa50c09cde586ed73fff282f16f0388bbcb
ssdeep 3072:M5VXYOxLpu6UxpuMKbyfe5R+Tddq1BsMvQ5k3rF/Mq7iu+oXLhglnmSBFlYpuUgk:u9xzUxEMKbADe3rZMoMIhomS3lYpb
authentihash cb6470e783064b8b58e84b86576b6a0bcbba29bdb9b6ed35128ee58c069ff4e7
imphash 76d70d13aa7ee2608365a592e9ba19f0
File size 300.0 KB ( 307200 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags peexe

VirusTotal metadata
First submission 2016-07-20 09:00:41 UTC ( 2 years, 7 months ago )
Last submission 2016-07-20 09:00:41 UTC ( 2 years, 7 months ago )
File names cardengine.exe
7ce7ba6d88d146e7cd49f28d246781b4.virus
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications