SHA256: 8c216a5fbf8eb5f329911186539bc14b75e4205a3aa4c49942dbddef9188873c
File name: packed_8c216a5fbf8eb5f329911186539bc14b75e4205a3aa4c49942dbddef91...
Detection ratio: 35 / 56
Analysis date: 2016-03-15 15:58:26 UTC ( 3 years, 1 month ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Zusy.42164 20160315
Yandex Packed/Upack 20160314
AhnLab-V3 Trojan/Win32.OnlineGameHack 20160315
ALYac Gen:Variant.Zusy.42164 20160315
Antiy-AVL Trojan[GameThief]/Win32.WOW.gic 20160315
Arcabit Trojan.Zusy.DA4B4 20160315
Avast Win32:Evo-gen [Susp] 20160315
AVG upack 20160315
Avira (no cloud) TR/ATRAPS.Gen2 20160315
AVware Packed.Win32.Upack (v) 20160315
BitDefender Gen:Variant.Zusy.42164 20160315
CAT-QuickHeal (Suspicious) - DNAScan 20160314
Comodo TrojWare.Win32.Trojan.Inject.~II 20160315
Cyren W32/Downloader.F.gen!Eldorado 20160315
Emsisoft Gen:Variant.Zusy.42164 (B) 20160315
ESET-NOD32 a variant of Win32/Zlader.L 20160315
F-Prot W32/Downloader.F.gen!Eldorado 20160315
F-Secure Gen:Variant.Zusy.42164 20160315
GData Gen:Variant.Zusy.42164 20160315
Ikarus Trojan-Spy.Frethog 20160315
K7AntiVirus Trojan ( 004b00ec1 ) 20160315
K7GW Trojan ( 003b1b581 ) 20160315
Kaspersky HEUR:Trojan.Win32.Generic 20160315
McAfee-GW-Edition BehavesLike.Win32.PWSOnlineGames.zc 20160315
Microsoft TrojanDownloader:Win32/Skidlo.gen!A 20160315
eScan Gen:Variant.Zusy.42164 20160315
NANO-Antivirus Virus.Win32.Gen.ccmw 20160315
Panda Trj/Genetic.gen 20160315
Qihoo-360 QVM34.0.Malware.Gen 20160315
Sophos AV Mal/EncPk-BW 20160315
Symantec Suspicious.Stealers 20160315
TheHacker W32/Behav-Heuristic-060 20160314
TrendMicro Cryp_Xed-12 20160315
TrendMicro-HouseCall Cryp_Xed-12 20160315
VIPRE Packed.Win32.Upack (v) 20160315
AegisLab 20160315
Alibaba 20160315
Baidu 20160315
Baidu-International 20160315
Bkav 20160315
ByteHero 20160315
ClamAV 20160311
CMC 20160314
DrWeb 20160315
Fortinet 20160315
Jiangmin 20160315
Malwarebytes 20160315
McAfee 20160315
nProtect 20160315
Rising 20160315
SUPERAntiSpyware 20160315
Tencent 20160315
VBA32 20160315
ViRobot 20160315
Zillya 20160315
Zoner 20160315
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
FileVersionInfo properties
Packers identified
F-PROT UPack
PEiD WinUpack v0.39 final (relocated image base) -> By Dwing (c)2005 (h2)
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1970-01-01 01:08:16
Entry Point 0x0000B2E6
Number of sections 2
PE sections
PE imports
LoadLibraryA
GetProcAddress
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension dll
TimeStamp 1970:01:01 02:08:16+01:00
FileType Win32 DLL
PEType PE32
CodeSize 19456
LinkerVersion 0.58
ImageFileCharacteristics Executable, No line numbers, No symbols, 32-bit, DLL
Warning Error processing PE data dictionary
EntryPoint 0xb2e6
InitializedDataSize 3072
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0
File identification
MD5 e6c78aa305ac8e663482f5d34094288e
SHA1 2dc5d9a4e01bd9ce3744c3a4e31f25ae90ad323c
SHA256 8c216a5fbf8eb5f329911186539bc14b75e4205a3aa4c49942dbddef9188873c
ssdeep 192:P0eNFCDC3ipPDok0CHlKwke+y/3E2CUlnollSC9tl/H7cOfP7kgUw9a:P0eLwaipbolCFKwke+E3ol/R7cOfPkd
authentihash 3f7e7180b37e33882a75d8417876e4b8661eea84400888f53b72141319d63c13
imphash 87bed5a7cba00c7e1f4015f1bdae2183
File size 10.0 KB ( 10202 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID DOS Executable Generic (100.0%)
Tags upack pedll
VirusTotal metadata
First submission 2016-03-15 15:58:26 UTC ( 3 years, 1 month ago )
Last submission 2019-01-30 23:30:34 UTC ( 2 months, 2 weeks ago )
File names HEUR.Trojan.Win32.Generic.bin
packed_8c216a5fbf8eb5f329911186539bc14b75e4205a3aa4c49942dbddef9188873c
8c216a5fbf8eb5f329911186539bc14b75e4205a3aa4c49942dbddef9188873c.bin