SHA256: 8aa998c89ba83139cd192a9c8dc9b452e428b1222f91130cd6ff2079a3716d05
File name: bot.exe
Detection ratio: 26 / 55
Analysis date: 2015-10-31 10:45:30 UTC ( 2 years, 10 months ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.2836183 20151031
AhnLab-V3 Trojan/Win32.Upbot 20151030
Antiy-AVL Trojan/Win32.TSGeneric 20151031
Arcabit Trojan.Generic.D2B46D7 20151031
Avast Win32:Malware-gen 20151031
AVG Win32/Cryptor 20151031
Avira (no cloud) TR/Crypt.ZPACK.198341 20151031
AVware Trojan.Win32.Generic!BT 20151031
BitDefender Trojan.GenericKD.2836183 20151031
Cyren W32/Agent.XL.gen!Eldorado 20151031
DrWeb BackDoor.Andromeda.662 20151031
Emsisoft Trojan.GenericKD.2836183 (B) 20151031
ESET-NOD32 a variant of Win32/Kryptik.ECWA 20151031
F-Prot W32/Agent.XL.gen!Eldorado 20151031
F-Secure Trojan.GenericKD.2836183 20151031
Fortinet W32/Kryptik.ECTC!tr 20151031
GData Trojan.GenericKD.2836183 20151031
Malwarebytes Trojan.Agent 20151031
McAfee Artemis!8375E892E2C4 20151031
McAfee-GW-Edition BehavesLike.Win32.BadFile.jh 20151031
eScan Trojan.GenericKD.2836183 20151031
Qihoo-360 HEUR/QVM10.1.Malware.Gen 20151031
Symantec Suspicious.Cloud.5 20151030
TrendMicro TROJ_FORUCON.BMC 20151031
TrendMicro-HouseCall TROJ_FORUCON.BMC 20151031
VIPRE Trojan.Win32.Generic!BT 20151031
AegisLab 20151031
Yandex 20151030
Alibaba 20151030
ALYac 20151031
Baidu-International 20151031
Bkav 20151029
ByteHero 20151031
CAT-QuickHeal 20151031
ClamAV 20151030
CMC 20151029
Comodo 20151031
Ikarus 20151031
Jiangmin 20151030
K7AntiVirus 20151031
K7GW 20151031
Kaspersky 20151031
Microsoft 20151031
NANO-Antivirus 20151031
nProtect 20151030
Panda 20151031
Rising 20151030
Sophos AV 20151031
SUPERAntiSpyware 20151030
Tencent 20151031
TheHacker 20151030
VBA32 20151030
ViRobot 20151031
Zillya 20151030
Zoner 20151031
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (c) 2015. PremiumSoft CyberTech Ltd.
Product PremiumSoft Navicat for SQLite
File version 11.1.10
Description PremiumSoft Navicat for SQLite Setup
Comments This installation was built with Inno Setup.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-10-29 23:59:27
Entry Point 0x0000B0AC
Number of sections 4
PE sections
Overlays
MD5 4c08846e30a61c5f13f40f373881abd3
File type data
Offset 696320
Size 1903
Entropy 7.88
PE imports
Number of PE resources by type
RT_STRING 6
RT_DIALOG 6
RT_BITMAP 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 8
NEUTRAL 7
PE resources
ExifTool file metadata
UninitializedDataSize 0
Comments This installation was built with Inno Setup.
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 11.1.10.0
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 586752
EntryPoint 0xb0ac
MIMEType application/octet-stream
LegalCopyright Copyright (c) 2015. PremiumSoft CyberTech Ltd.
FileVersion 11.1.10
TimeStamp 2015:10:30 00:59:27+01:00
FileType Win32 EXE
PEType PE32
SubsystemVersion 5.0
ProductVersion 11.1.10
FileDescription PremiumSoft Navicat for SQLite Setup
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName PremiumSoft CyberTech Ltd.
CodeSize 108544
ProductName PremiumSoft Navicat for SQLite
ProductVersionNumber 11.1.10.0
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 8375e892e2c447ffe3e55cb818f68de0
SHA1 c3d6f139a856b7311341a3b8f82b5b431fd1ef37
SHA256 8aa998c89ba83139cd192a9c8dc9b452e428b1222f91130cd6ff2079a3716d05
ssdeep 12288:HoyRXsqva3OY0Nnw/0W2esztlKFKv+djLfM4khomC+/2WFUG5RZ6:hRXsV+YKwcqsxl5+djTIPe/GXZ6
authentihash 666e85fb06932287049b75cbf51fc7fe8e84d2ae13cb06fc7fbf6ce21c9dec77
imphash e245861934f4826e0fc598d9b7a6804e
File size 681.9 KB ( 698223 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe overlay
VirusTotal metadata
First submission 2015-10-30 00:00:49 UTC ( 2 years, 11 months ago )
Last submission 2015-10-31 10:45:30 UTC ( 2 years, 10 months ago )
File names bot.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Shell commands
Created mutexes
Opened mutexes
Runtime DLLs