SHA256: 8a59dc353d4b33021beb9b6c0e89c90190a21e47558b9d2e1a6ceca68d2d1f43
File name: exe.ex
Detection ratio: 34 / 47
Analysis date: 2014-01-15 23:29:52 UTC ( 3 years, 8 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Symmi.31922 20140116
Yandex TrojanSpy.Zbot!nq/0tMKg6cM 20140115
Antiy-AVL Trojan/Win32.Zbot 20140115
Avast Win32:Malware-gen 20140115
AVG Win32/VBCrypt 20140115
Baidu-International Trojan.Win32.Zbot.AU 20131213
BitDefender Gen:Variant.Symmi.31922 20140115
ByteHero Virus.Win32.Heur.p 20140115
CMC Heur.Win32.Veebee.1!O 20140115
Commtouch W32/PWS.LERK-5563 20140115
Comodo UnclassifiedMalware 20140115
DrWeb Trojan.PWS.Panda.2401 20140115
Emsisoft Gen:Variant.Symmi.31922 (B) 20140115
ESET-NOD32 a variant of Win32/Injector.ATAF 20140116
Fortinet W32/Injector.ASLU!tr 20140116
GData Gen:Variant.Symmi.31922 20140115
Ikarus Trojan-Spy.Zbot 20140115
K7AntiVirus Trojan ( 00490fe11 ) 20140115
K7GW Trojan ( 00490fe11 ) 20140115
Kaspersky Trojan-Spy.Win32.Zbot.qvth 20140115
Kingsoft Win32.Troj.Generic.a.(kcloud) 20130829
Malwarebytes Trojan.Inject 20140115
McAfee PWSZbot-FLW!6E521AE06181 20140116
McAfee-GW-Edition PWSZbot-FLW!6E521AE06181 20140115
Microsoft PWS:Win32/Zbot 20140115
eScan Gen:Variant.Symmi.31922 20140115
NANO-Antivirus Trojan.Win32.Injector.crmbtt 20140115
Panda Generic Malware 20140115
Rising PE:Malware.XPACK-HIE/Heur!1.9C48 20140115
Sophos AV Mal/VBZbot-B 20140115
TrendMicro TROJ_GEN.F0C2C00LV13 20140115
TrendMicro-HouseCall TROJ_GEN.F0C2C00LV13 20140115
VBA32 TrojanSpy.Zbot 20140115
VIPRE Trojan.Win32.Generic!BT 20140116
AntiVir 20140116
Bkav 20140114
CAT-QuickHeal 20140115
ClamAV 20140115
F-Prot 20140115
F-Secure 20140116
Jiangmin 20140115
Norman 20140115
nProtect 20140115
SUPERAntiSpyware 20140115
Symantec 20140115
TheHacker 20140115
TotalDefense 20140115
ViRobot 20140115
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Publisher Texas Instruments Incorporated
Product Soares erythrop hwt bicarbur
Original name Inferial.exe
Internal name Inferial
File version 1.00.0001
Description Proart gamelott awreck psychoph indolin
Signature verification The digital signature of the object did not verify.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-12-09 08:00:08
Entry Point 0x00001358
Number of sections 3
PE sections
PE imports
_adj_fdiv_m32
__vbaChkstk
Ord(689)
EVENT_SINK_Release
__vbaEnd
__vbaStrCmp
_allmul
_CIsin
_adj_fdivr_m64
_adj_fprem
Ord(712)
Ord(546)
_adj_fpatan
Ord(586)
EVENT_SINK_AddRef
Ord(677)
_adj_fdiv_m32i
__vbaInStr
EVENT_SINK_QueryInterface
__vbaStrCopy
__vbaExceptHandler
__vbaSetSystemError
__vbaFreeVarList
DllFunctionCall
__vbaFPException
__vbaStrVarMove
_adj_fdivr_m16i
_adj_fdiv_r
Ord(517)
__vbaUI1I2
__vbaFreeVar
Ord(100)
Ord(519)
Ord(547)
_adj_fdiv_m64
Ord(574)
__vbaFreeObj
__vbaHresultCheckObj
_CIsqrt
Ord(696)
_CIlog
Ord(606)
Ord(667)
_CIcos
Ord(587)
_adj_fptan
__vbaI4Var
Ord(582)
__vbaVarMove
__vbaErrorOverflow
_CIatan
__vbaI2I4
__vbaNew2
__vbaLateIdCallLd
_adj_fdivr_m32i
__vbaStrComp
_CIexp
__vbaStrMove
_adj_fprem1
_adj_fdivr_m32
_CItan
__vbaFpI4
Ord(598)
__vbaFreeStr
_adj_fdiv_m16i
Number of PE resources by type
RT_ICON 9
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 10
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion: 4.0
LinkerVersion: 6.0
ImageVersion: 1.0
FileSubtype: 0
FileVersionNumber: 1.0.0.1
UninitializedDataSize: 0
LanguageCode: English (U.S.)
FileFlagsMask: 0x0000
CharacterSet: Unicode
InitializedDataSize: 184320
FileOS: Win32
MIMEType: application/octet-stream
FileVersion: 1.00.0001
TimeStamp: 2013:12:09 09:00:08+01:00
FileType: Win32 EXE
PEType: PE32
InternalName: Inferial
ProductVersion: 1.00.0001
FileDescription: Proart gamelott awreck psychoph indolin
OSVersion: 4.0
OriginalFilename: Inferial.exe
Subsystem: Windows GUI
MachineType: Intel 386 or later, and compatibles
CompanyName: Texas Instruments Incorporated
CodeSize: 266240
ProductName: Soares erythrop hwt bicarbur
ProductVersionNumber: 1.0.0.1
EntryPoint: 0x1358
ObjectFileType: Executable application

Compressed bundles
File identification
MD5 6e521ae061819cceaf85bde7da6e7433
SHA1 7ad86b36f63b91fb3e4ddea767e757665c00ffab
SHA256 8a59dc353d4b33021beb9b6c0e89c90190a21e47558b9d2e1a6ceca68d2d1f43
ssdeep 6144:09KX3RA6HkB9HcoXtnNmh0xtOWM1jjO7Acm8KGU1/8wy9YSfVEc:7RAN9HcoXHVxbM1jjKAcKZ1A9Ymx

File size 446.6 KB ( 457353 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Microsoft Visual Basic 6 (69.4%)
Win64 Executable (generic) (23.3%)
Win32 Executable (generic) (3.8%)
Generic Win/DOS Executable (1.6%)
DOS Executable Generic (1.6%)
Tags peexe

VirusTotal metadata
First submission 2013-12-09 10:30:26 UTC ( 3 years, 9 months ago )
Last submission 2014-01-15 23:29:52 UTC ( 3 years, 8 months ago )
File names Inferial
exe.ex
Inferial.exe
Proforma Invoice.scr