SHA256: 8ca0be2fda997b467dd289f85f5a9e7fa6fa08bd0eda61226df6a167f627835c
File name: 8ca0be2fda997b467dd289f85f5a9e7fa6fa08bd0eda61226df6a167f627835c
Detection ratio: 38 / 66
Analysis date: 2017-10-10 21:58:02 UTC (1 month, 1 week ago)
Antivirus Result Update
Ad-Aware Gen:Variant.Mikey.69550 20171010
AegisLab Gen.Variant.Mikey!c 20171010
AhnLab-V3 Trojan/Win32.Generic.C2087353 20171010
ALYac Gen:Variant.Mikey.69550 20171010
Antiy-AVL Trojan/Win32.BTSGeneric 20171010
Arcabit Trojan.Mikey.D10FAE 20171010
Avast Win32:Malware-gen 20171010
AVG Win32:Malware-gen 20171010
Avira (no cloud) TR/Agent.romrg 20171010
AVware Trojan.Win32.Generic!BT 20171010
BitDefender Gen:Variant.Mikey.69550 20171010
CAT-QuickHeal Genvariant.Mikey 20171010
Comodo UnclassifiedMalware 20171010
Cyren W32/Trojan.VYWX-2770 20171010
Emsisoft Gen:Variant.Mikey.69550 (B) 20171010
ESET-NOD32 a variant of Generik.HWVWOAO 20171010
F-Secure Gen:Variant.Mikey.69550 20171010
Fortinet GenericRXCL.RL!tr 20171010
GData Gen:Variant.Mikey.69550 20171010
Ikarus Trojan.SuspectCRC 20171010
Jiangmin Trojan.Generic.bftto 20171010
Malwarebytes Adware.Yelloader 20171010
MAX malware (ai score=99) 20171010
McAfee GenericRXCL-RL!4C926C4B6F4B 20171010
McAfee-GW-Edition BehavesLike.Win32.Generic.th 20171010
eScan Gen:Variant.Mikey.69550 20171010
Palo Alto Networks (Known Signatures) generic.ml 20171010
Panda Trj/GdSda.A 20171010
Qihoo-360 Win32/Trojan.c2e 20171010
Rising Malware.Heuristic!ET#96% (CLOUD) 20171010
Sophos AV Mal/Generic-S 20171010
SUPERAntiSpyware Adware.Yelloader/Variant 20171010
Symantec Trojan.Gen.2 20171010
TrendMicro TROJ_GEN.R001C0OJ217 20171010
TrendMicro-HouseCall TROJ_GEN.R001C0OJ217 20171010
VIPRE Trojan.Win32.Generic!BT 20171010
Webroot W32.Trojan.Gen 20171010
Yandex Trojan.Agent!jNElG1foe0Q 20171010
Alibaba 20170911
Avast-Mobile 20171010
Baidu 20170930
Bkav 20171009
ClamAV 20171010
CMC 20171009
CrowdStrike Falcon (ML) 20170804
Cylance 20171010
DrWeb 20171010
Endgame 20170821
F-Prot 20171010
Sophos ML 20170914
K7AntiVirus 20171010
K7GW 20171010
Kaspersky 20171010
Kingsoft 20171010
Microsoft 20171010
NANO-Antivirus 20171010
nProtect 20171010
SentinelOne (Static ML) 20171001
Symantec Mobile Insight 20171006
Tencent 20171010
TheHacker 20171007
TotalDefense 20171010
Trustlook 20171010
VBA32 20171010
ViRobot 20171010
WhiteArmor 20170927
Zillya 20171010
ZoneAlarm by Check Point 20171010
Zoner 20171010
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2000-2015 JetBrains s.r.o. SMARTSOFT
File version 1.0.1.5
Description Windows Process Manager
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-09-29 03:24:05
Entry Point 0x00091A28
Number of sections 6
PE sections
PE imports
SystemFunction036
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
GetDeviceCaps
CreateSolidBrush
DeleteObject
CreateFontW
GetStdHandle
GetDriveTypeW
WaitForSingleObject
EncodePointer
GetFileAttributesW
GetProcessId
CreatePipe
GetCurrentProcess
GetConsoleMode
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetTempPathA
GetCPInfo
GetTempPathW
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetExitCodeProcess
ConnectNamedPipe
InitializeCriticalSection
OutputDebugStringW
TlsGetValue
CancelIo
GetFullPathNameW
OutputDebugStringA
GetEnvironmentVariableW
SetLastError
GetNamedPipeInfo
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
GetModuleFileNameA
RaiseException
LoadLibraryExA
SetThreadPriority
EnumSystemLocalesW
LoadLibraryExW
MultiByteToWideChar
SetFilePointerEx
FormatMessageA
RegisterWaitForSingleObject
CreateThread
SetEnvironmentVariableW
MoveFileExW
GetSystemDirectoryW
DeleteCriticalSection
SetNamedPipeHandleState
CreateSemaphoreW
CreateMutexW
IsProcessorFeaturePresent
DecodePointer
SetEnvironmentVariableA
TerminateProcess
SetUnhandledExceptionFilter
GetModuleHandleExW
VirtualQueryEx
CreateEventW
SetEndOfFile
GetCurrentThreadId
GetProcAddress
GetModuleHandleExA
WriteConsoleW
CreateToolhelp32Snapshot
AreFileApisANSI
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
LoadLibraryW
GetVersionExW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
LoadLibraryA
RtlUnwind
FreeLibrary
GetWindowsDirectoryW
OpenProcess
GetDateFormatW
RtlCaptureStackBackTrace
GetStartupInfoW
SetEvent
DeleteFileW
GetUserDefaultLCID
GetProcessHeap
GetTimeFormatW
WaitNamedPipeW
ExpandEnvironmentStringsW
CreateDirectoryW
ResetEvent
IsValidLocale
DuplicateHandle
WaitForMultipleObjects
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
ExitProcess
LeaveCriticalSection
GetNativeSystemInfo
GetLastError
LCMapStringW
CreateNamedPipeW
GetConsoleCP
UnregisterWaitEx
CompareStringW
GetEnvironmentStringsW
QueryPerformanceFrequency
Process32NextW
GetQueuedCompletionStatus
GetCurrentDirectoryW
GetCurrentProcessId
CreateIoCompletionPort
GetCommandLineW
WideCharToMultiByte
HeapSize
Sleep
Process32FirstW
GetCurrentThread
ReadConsoleW
ReleaseSemaphore
TlsFree
ReadFile
RtlCaptureContext
CloseHandle
GetACP
GetModuleHandleW
GetFileAttributesExW
CreateProcessA
IsValidCodePage
WriteFile
PostQueuedCompletionStatus
TransactNamedPipe
SetFocus
RegisterClassExW
GetForegroundWindow
GetParent
UpdateWindow
BeginPaint
DefWindowProcW
KillTimer
PostQuitMessage
ShowWindow
CallMsgFilterW
SetWindowPos
GetWindowThreadProcessId
BeginDeferWindowPos
SetWindowLongW
PeekMessageW
EnableWindow
SetMenu
LoadCursorW
TranslateMessage
GetFocus
PostMessageW
MsgWaitForMultipleObjectsEx
DispatchMessageW
EndDeferWindowPos
ReleaseDC
WaitMessage
SendMessageW
GetQueueStatus
GetWindowLongW
GetSystemMetrics
IsWindowVisible
LoadStringW
SetWindowTextW
SetCursorPos
SystemParametersInfoW
GetDC
ClientToScreen
SetTimer
CallWindowProcW
UnregisterClassW
SetParent
AttachThreadInput
GetClientRect
DeferWindowPos
IsRectEmpty
LoadIconW
FindWindowExW
CreateWindowExW
EndPaint
SetForegroundWindow
DestroyWindow
timeEndPeriod
timeGetTime
timeBeginPeriod
cef_string_multimap_alloc
cef_v8value_create_int
cef_api_hash
cef_request_context_create_context
cef_execute_process
cef_command_line_get_global
cef_string_utf16_to_utf8
cef_v8value_create_object
cef_string_multimap_append
cef_post_delayed_task
cef_v8value_create_string
cef_string_map_free
cef_log
cef_string_list_size
cef_v8context_get_current_context
cef_string_map_append
cef_enable_highdpi_support
cef_string_list_copy
cef_set_osmodal_loop
cef_string_utf16_set
cef_string_list_value
cef_v8value_create_function
cef_run_message_loop
cef_shutdown
create_context_shared
cef_browser_host_create_browser
cef_string_list_free
cef_string_utf8_to_utf16
cef_post_task
cef_string_multimap_key
cef_process_message_create
cef_string_multimap_size
cef_quit_message_loop
cef_string_utf8_clear
cef_string_userfree_utf16_free
cef_string_list_append
cef_string_map_key
cef_string_utf16_clear
cef_request_context_get_global_context
cef_string_map_alloc
cef_string_map_value
cef_string_utf16_cmp
cef_currently_on
cef_command_line_create
cef_string_multimap_value
cef_cookie_manager_get_global_manager
cef_string_map_size
cef_string_multimap_free
cef_string_list_alloc
cef_initialize
CoInitializeEx
CoUninitialize
CoTaskMemFree
PE exports
Number of PE resources by type
RT_ICON 16
RT_GROUP_ICON 2
RT_MANIFEST 1
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 21
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 5.1
LinkerVersion 12.0
ImageVersion 0.0
FileVersionNumber 1.0.1.5
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x0017
CharacterSet Unicode
InitializedDataSize 297984
EntryPoint 0x91a28
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 1.0.1.5
TimeStamp 2017:09:29 04:24:05+01:00
FileType Win32 EXE
PEType PE32
ProductVersion 1.0.1.5
FileDescription Windows Process Manager
OSVersion 5.1
FileOS Win32
LegalCopyright Copyright (C) 2000-2015 JetBrains s.r.o. SMARTSOFT
MachineType Intel 386 or later, and compatibles
CodeSize 803328
FileSubtype 0
ProductVersionNumber 1.0.1.5
FileTypeExtension exe
ObjectFileType Dynamic link library

Compressed bundles
File identification
MD5 4c926c4b6f4b3226752e4b2d75448a65
SHA1 96055210bf542c9cc2186ab0ba9848677bdcff61
SHA256 8ca0be2fda997b467dd289f85f5a9e7fa6fa08bd0eda61226df6a167f627835c
ssdeep 24576:OOz/RlP7ezuACZSY6Oy+jmAjxZFVqBWvTTEh7:OA75ZHj9VWWLTI7
authentihash 97ba75cc40122b7a02b96363158045676ff02477b58b3a35efe212a4b38ea2b3
imphash 67130e0ed1d682099813f791e9b4d09d
File size 1.0 MB ( 1087488 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2017-09-29 18:50:52 UTC ( 1 month, 3 weeks ago )
Last submission 2017-10-30 12:35:43 UTC ( 3 weeks, 2 days ago )
File names usomrvd.exe
8ca0be2fda997b467dd289f85f5a9e7fa6fa08bd0eda61226df6a167f627835c.bin
sekuxzi.exe
rehxvgk.exe
auowleb.exe
ranbetp.exe
cwaumvs.exe
utcqetk.exe
ianewdk.exe
snacbwm.exe
scrpabw.exe
winldvk.exe
mbezoat.exe
atbhvls.exe
vmxclient.exe
dsstaxo.exe
sphkbgu.exe
vmxclient.exe