× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 86dd21b8388f23371d680e2632d0855b442f0fa7e93cd009d6e762715ba2d054
File name: mmon.exe
Detection ratio: 0 / 42
Analysis date: 2012-07-11 20:09:18 UTC ( 6 years, 8 months ago ) View latest
Antivirus Result Update
AhnLab-V3 20120711
AntiVir 20120711
Antiy-AVL 20120711
Avast 20120711
AVG 20120711
BitDefender 20120711
ByteHero 20120626
CAT-QuickHeal 20120711
ClamAV 20120711
Commtouch 20120711
Comodo 20120711
DrWeb 20120711
Emsisoft 20120711
eSafe 20120710
F-Prot 20120711
F-Secure 20120711
Fortinet 20120711
GData 20120711
Ikarus 20120711
Jiangmin 20120711
K7AntiVirus 20120711
Kaspersky 20120711
McAfee 20120711
McAfee-GW-Edition 20120711
Microsoft 20120711
NOD32 20120711
Norman 20120711
nProtect 20120711
Panda 20120711
PCTools 20120711
Rising 20120711
Sophos AV 20120711
SUPERAntiSpyware 20120711
Symantec 20120711
TheHacker 20120711
TotalDefense 20120710
TrendMicro 20120711
TrendMicro-HouseCall 20120711
VBA32 20120711
VIPRE 20120711
ViRobot 20120711
VirusBuster 20120711
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-09-18 10:20:00
Entry Point 0x0000C592
Number of sections 5
PE sections
PE imports
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
GetLocaleInfoW
GetModuleFileNameW
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
GetTickCount
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
SetConsoleOutputCP
RtlUnwind
DeleteCriticalSection
GetCurrentProcess
EnumSystemLocalesA
GetLocaleInfoA
GetConsoleMode
DecodePointer
GetCurrentProcessId
FreeEnvironmentStringsW
OpenProcess
WriteConsoleW
GetCommandLineW
IsValidCodePage
GetCPInfo
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetStartupInfoW
SetStdHandle
ReadProcessMemory
GetProcAddress
InterlockedCompareExchange
HeapSize
ExitProcess
RaiseException
WideCharToMultiByte
LoadLibraryW
TlsFree
SetFilePointer
GetSystemTimeAsFileTime
LocalFree
ReadFile
InterlockedExchange
SetUnhandledExceptionFilter
WriteFile
TlsSetValue
CloseHandle
IsProcessorFeaturePresent
IsValidLocale
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
HeapAlloc
SetConsoleCP
FormatMessageW
TerminateProcess
InitializeCriticalSection
HeapCreate
CreateFileW
VirtualQueryEx
InterlockedDecrement
Sleep
GetFileType
HeapSetInformation
EncodePointer
GetCurrentThreadId
LeaveCriticalSection
GetUserDefaultLCID
SetLastError
InterlockedIncrement
EnumProcesses
Number of PE resources by type
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2010:09:18 12:20:00+02:00

FileType
Win32 EXE

PEType
PE32

CodeSize
117248

LinkerVersion
10.0

ImageFileCharacteristics
Executable, 32-bit

EntryPoint
0xc592

InitializedDataSize
41472

SubsystemVersion
5.1

ImageVersion
0.0

OSVersion
5.1

UninitializedDataSize
0

File identification
MD5 255daa6722de6ad03545070dfbef3330
SHA1 80aedf2eddc9e2f39306cbaa63e59c7a08468699
SHA256 86dd21b8388f23371d680e2632d0855b442f0fa7e93cd009d6e762715ba2d054
ssdeep
3072:ikmVcWhCz7cruMlg+PtBxp3bTsZiVXBeN/2KD2VD:/muoCz7cyUP9dbTYipBGG

authentihash 58d21f0b3b5cfe61805f22f91d4abc7bbbb1eb35b62708b62c724d8ab3458274
imphash 24709cece0af7785c579e84a5157209e
File size 156.0 KB ( 159744 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe via-tor

VirusTotal metadata
First submission 2010-10-09 21:01:06 UTC ( 8 years, 5 months ago )
Last submission 2018-06-18 13:19:03 UTC ( 9 months, 1 week ago )
File names 255daa6722de6ad03545070dfbef3330.virobj
86dd21b8388f23371d680e2632d0855b442f0fa7e93cd009d6e762715ba2d054.exe
vti-rescan
1342124205.5b442f0fa7e93cd009d6e762715ba2d054
X.exe
alg.exe
86dd21b8388f23371d680e2632d0855b442f0fa7e93cd009d6e762715ba2d054.exe
mm.exe
1201411061251466552.exe
bios.exe
john.exe
BAD.file
output.70738862.txt
mmon.exe.bin
mmon (2).exe
2.exe
sms.exe
m.exe
fm.exe
lake.exe
19347973
X.exe
mmon.exe
mmon.ex_
file-3786903_exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!