SHA256: 879744e709bb3722e155071033af64322f05bcf34aa0c2c8a9e9a483c6f9ed41
File name: vt-upload-NixAI
Detection ratio: 33 / 49
Analysis date: 2014-02-23 17:58:33 UTC ( 3 years, 2 months ago )
Antivirus Result Update
Ad-Aware Trojan.Ranapama.A 20140223
Yandex TrojanSpy.Zbot!G+gYOQL3JXk 20140223
AhnLab-V3 Spyware/Win32.Zbot 20140223
AntiVir TR/Ranapama.A 20140223
Antiy-AVL Trojan/Win32.SGeneric 20140219
Avast Win32:Injector-BQJ [Trj] 20140223
AVG Inject2.SNE 20140223
BitDefender Trojan.Ranapama.A 20140223
Comodo TrojWare.Win32.Carberp.AV 20140223
DrWeb Trojan.PWS.Panda.2401 20140223
Emsisoft Trojan.Ranapama.A (B) 20140223
ESET-NOD32 a variant of Win32/Injector.AXPJ 20140223
F-Secure Trojan.Ranapama.A 20140223
Fortinet W32/Injector.AXKT!tr 20140222
GData Trojan.Ranapama.A 20140223
Jiangmin TrojanSpy.Zbot.gzne 20140223
K7GW Trojan ( 004952c31 ) 20140220
Kaspersky Trojan-Spy.Win32.Zbot.rmop 20140223
Kingsoft Win32.Troj.Zbot.rm.(kcloud) 20140223
Malwarebytes Trojan.Zbot 20140223
McAfee Generic-FAOP!5BFD08F63DDF 20140223
McAfee-GW-Edition Generic-FAOP!5BFD08F63DDF 20140223
Microsoft PWS:Win32/Zbot 20140223
eScan Trojan.Ranapama.A 20140223
NANO-Antivirus Trojan.Win32.Zbot.ctptgx 20140223
nProtect Trojan.Ranapama.A 20140223
Panda Generic Malware 20140223
Sophos Troj/Wonton-P 20140223
Symantec Backdoor.Trojan 20140223
TheHacker Trojan/Injector.axkt 20140222
TrendMicro TROJ_GEN.R02EC0CBM14 20140223
TrendMicro-HouseCall TROJ_GEN.R02EC0CBM14 20140223
VIPRE Trojan.Win32.Generic!BT 20140223
Baidu-International 20140223
Bkav 20140222
ByteHero 20140223
CAT-QuickHeal 20140223
ClamAV 20140223
CMC 20140220
Commtouch 20140223
F-Prot 20140223
Ikarus 20140223
K7AntiVirus 20140221
Norman 20140223
Qihoo-360 20140223
Rising 20140223
SUPERAntiSpyware 20140222
TotalDefense 20140223
VBA32 20140221
ViRobot 20140223
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Publisher Intel Pentium 4
Product Intel corporation Pentium 4
Original name intel.exe
File version 7.0.0.3
Description Intel corporation Pentium 4
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-02-11 01:56:58
Entry Point 0x000036A1
Number of sections 3
PE sections
PE imports
CreateCompatibleDC
CreateColorSpaceW
Arc
CombineRgn
CloseFigure
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetSystemTimeAsFileTime
EnterCriticalSection
LCMapStringW
SetHandleCount
LoadLibraryW
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
HeapAlloc
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
FillConsoleOutputCharacterW
RtlUnwind
GetModuleFileNameA
GetStdHandle
IsProcessorFeaturePresent
GetCommandLineA
DeleteCriticalSection
GetCurrentProcess
GetStartupInfoW
GetConsoleMode
DecodePointer
GetCurrentProcessId
WideCharToMultiByte
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
WriteProfileSectionW
GetProcAddress
AddAtomW
EncodePointer
GetFileType
SetStdHandle
CompareStringW
GetCPInfo
GetModuleFileNameW
TlsFree
SetFilePointer
HeapSetInformation
SetUnhandledExceptionFilter
GetTempPathW
CloseHandle
GetTempFileNameA
GetComputerNameA
FindNextFileA
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
SetEnvironmentVariableA
TerminateProcess
GetTimeZoneInformation
IsValidCodePage
HeapCreate
WriteFile
CreateFileW
InterlockedDecrement
Sleep
SetLastError
TlsSetValue
GetTickCount
GetCurrentThreadId
InterlockedIncrement
ExitProcess
WriteConsoleW
LeaveCriticalSection
glMateriali
glColor4iv
glEvalCoord2fv
wglRealizeLayerPalette
glFinish
wglUseFontBitmapsA
glIndexs
glNormal3b
ExtractIconExA
DoEnvironmentSubstA
ExtractAssociatedIconW
ExtractIconExW
ShellExecuteExW
ExtractIconW
SetFocus
SetWindowWord
DefFrameProcW
UpdateWindow
CloseDesktop
DdeConnect
GetKeyboardLayoutList
GetAsyncKeyState
GetWindowInfo
PostMessageW
FrameRect
mmioSeek
joyGetDevCapsA
PlaySoundA
waveOutGetDevCapsA
mixerClose
SymGetLineNext
SymGetModuleInfoW64
SymMatchString
ImageRvaToSection
SymGetLinePrev
SymLoadModuleEx
CoGetInstanceFromFile
StringFromCLSID
GetClassFile
CoBuildVersion
OleDestroyMenuDescriptor
FindMediaType
GetClassFileOrMime
CoInternetGetProtocolFlags
HlinkGoForward
Number of PE resources by type
RT_DIALOG 43
RT_BITMAP 27
RT_HTML 1
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 72
RUSSIAN 1
SPANISH HONDURAS 1
PE resources
ExifTool file metadata
SubsystemVersion 5.0
InitializedDataSize 241664
ImageVersion 0.0
ProductName Intel corporation Pentium 4
FileVersionNumber 7.0.0.3
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Windows, Latin1
LinkerVersion 9.0
FileOS Win32
MIMEType application/octet-stream
FileVersion 7.0.0.3
TimeStamp 2014:02:11 02:56:58+01:00
FileType Win32 EXE
PEType PE32
FileAccessDate 2014:02:23 19:18:30+01:00
ProductVersion 7.0.0.3
FileDescription Intel corporation Pentium 4
OSVersion 5.0
FileCreateDate 2014:02:23 19:18:30+01:00
OriginalFilename intel.exe
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Intel Pentium 4
CodeSize 49664
FileSubtype 0
ProductVersionNumber 7.0.0.3
EntryPoint 0x36a1
ObjectFileType Executable application

File identification
MD5 5bfd08f63ddf3e131928285d815c6cea
SHA1 6cd8090b14f03b8998911288c26ccf087c6e4413
SHA256 879744e709bb3722e155071033af64322f05bcf34aa0c2c8a9e9a483c6f9ed41
ssdeep 6144:DeiGTXcxIK5iZf7gxhaJAxFsDhkrvmlMIB3r:DeiGImKo9YhaJAxe/3r

imphash f130d9b64f49f8db8c467a78a0a71386
File size 286.7 KB ( 293595 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe

VirusTotal metadata
First submission 2014-02-23 17:58:33 UTC ( 3 years, 2 months ago )
Last submission 2014-02-23 17:58:33 UTC ( 3 years, 2 months ago )
File names intel.exe
vt-upload-NixAI