SHA256: 8e2f97907b66028d3c23382f8811d0842b6a556bc118f2ef520e13962d4281f2
File name: 5minut1.exe
Detection ratio: 15 / 50
Analysis date: 2014-04-14 03:12:50 UTC (3 years, 6 months ago)
Antivirus Result Update
Ad-Aware Trojan.Agent.BCPF 20140414
AntiVir TR/Agent.BZRX 20140414
Avast Win32:Dropper-gen [Drp] 20140414
BitDefender Trojan.Agent.BCPF 20140414
Bkav HW32.CDB.4685 20140412
Emsisoft Trojan.Agent.BCPF (B) 20140414
ESET-NOD32 a variant of Win32/Kryptik.BZRX 20140413
Fortinet W32/Simda.ACLW!tr.bdr 20140413
GData Trojan.Agent.BCPF 20140414
Kaspersky Backdoor.Win32.Simda.acmh 20140414
Malwarebytes Trojan.Agent.FSA108 20140414
eScan Trojan.Agent.BCPF 20140414
Qihoo-360 Malware.QVM20.Gen 20140414
Rising PE:Malware.XPACK-HIE/Heur!1.9C48 20140413
Sophos AV Mal/Kryptik-E 20140414
AegisLab 20140414
Yandex 20140413
AhnLab-V3 20140413
Antiy-AVL 20140413
AVG 20140413
Baidu-International 20140413
ByteHero 20140414
CAT-QuickHeal 20140413
ClamAV 20140414
CMC 20140411
Commtouch 20140414
Comodo 20140413
DrWeb 20140414
F-Prot 20140414
F-Secure 20140413
Ikarus 20140414
Jiangmin 20140413
K7AntiVirus 20140411
K7GW 20140411
Kingsoft 20130829
McAfee 20140414
McAfee-GW-Edition 20140413
Microsoft 20140414
NANO-Antivirus 20140414
Norman 20140414
nProtect 20140413
Panda 20140413
SUPERAntiSpyware 20140413
Symantec 20140414
TheHacker 20140413
TotalDefense 20140413
TrendMicro 20140414
TrendMicro-HouseCall 20140414
VBA32 20140411
VIPRE 20140413
ViRobot 20140413
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright 1996
Product Ydy
Original name Skxb.exe
Internal name Ojo
File version 1, 10, 4
Description Osu Loje Mebih
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-01-20 12:11:29
Entry Point 0x00032D89
Number of sections 5
PE sections
PE imports
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegQueryValueExW
InitCommonControlsEx
EnumUILanguagesA
FileTimeToDosDateTime
WaitForSingleObject
ReplaceFileW
QueueUserAPC
DisconnectNamedPipe
OpenFileMappingW
RtlZeroMemory
GetLocaleInfoA
FreeEnvironmentStringsW
lstrcatW
EnumResourceLanguagesW
FindResourceExA
WideCharToMultiByte
WaitForDebugEvent
WritePrivateProfileStructA
GetTempPathW
SetFileAttributesA
LocalFree
MoveFileA
ConnectNamedPipe
FindFirstVolumeMountPointW
GetStringTypeExW
TlsGetValue
GetVolumePathNameA
PeekNamedPipe
DeviceIoControl
RemoveDirectoryW
ExitProcess
OpenWaitableTimerA
SetThreadPriority
MultiByteToWideChar
FoldStringW
GetCalendarInfoA
GetPrivateProfileStringW
MoveFileExW
CreatePipe
ConvertDefaultLocale
MulDiv
EnumSystemLanguageGroupsW
SetPriorityClass
GetThreadSelectorEntry
GlobalMemoryStatus
SearchPathW
SetDefaultCommConfigA
SetCurrentDirectoryW
GetCommState
SearchPathA
ChangeTimerQueueTimer
GetNumberFormatW
CallNamedPipeW
GetSystemTime
lstrcmpiA
SetTapeParameters
GetOEMCP
QueryPerformanceCounter
GetTickCount
IsBadWritePtr
RtlUnwind
GetWindowsDirectoryW
OpenProcess
GetCommProperties
_lread
GetTimeFormatW
GetFileInformationByHandle
GlobalFix
GetComputerNameExW
GetComputerNameA
EnumUILanguagesW
SetVolumeLabelW
GetFileType
TlsSetValue
GetCurrencyFormatW
DefineDosDeviceW
SystemTimeToFileTime
LCMapStringW
GetShortPathNameW
LocalFileTimeToFileTime
CreateHardLinkA
GetSystemWindowsDirectoryW
GetThreadLocale
GlobalUnlock
GetDevicePowerState
GetCommTimeouts
GetCPInfoExW
CompareFileTime
LockResource
ContinueDebugEvent
GetCompressedFileSizeW
GetCurrentThread
GetDiskFreeSpaceExW
SetSystemPowerState
GlobalFlags
EnumResourceTypesW
GetACP
FreeResource
OpenEventW
LocalHandle
PathAppendA
PathCanonicalizeA
IsZoomed
GetForegroundWindow
EndPaint
UpdateWindow
IntersectRect
EndDialog
BeginPaint
OffsetRect
DefWindowProcW
MoveWindow
DispatchMessageW
CheckRadioButton
GetMessageW
ShowWindow
LoadBitmapW
GetSystemMetrics
EnableMenuItem
MessageBoxW
PeekMessageW
GetWindowRect
FrameRect
SetCapture
ReleaseCapture
DialogBoxParamW
MessageBoxA
GetDlgItemTextW
PostMessageW
GetKeyNameTextW
SendMessageW
SetDlgItemTextW
GetDC
ReleaseDC
WaitMessage
GetMenu
LoadStringA
TranslateAcceleratorW
RegisterClassW
WinHelpW
GetWindowPlacement
GetClientRect
GetDlgItem
DrawMenuBar
DrawTextW
UnionRect
IsIconic
InvertRect
SetRect
InvalidateRect
GetSubMenu
FillRect
IsDlgButtonChecked
CheckDlgButton
GetDesktopWindow
LoadCursorW
LoadIconW
CreateWindowExW
LoadAcceleratorsW
wsprintfW
PtInRect
DestroyWindow
Number of PE resources by type
RT_DIALOG 36
Struct(13) 1
RT_VERSION 1
Number of PE resources by language
SPANISH DOMINICAN REPUBLIC 38
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2011:01:20 13:11:29+01:00
FileType Win32 EXE
PEType PE32
CodeSize 245760
LinkerVersion 8.0
FileTypeExtension exe
InitializedDataSize 522752
SubsystemVersion 4.0
EntryPoint 0x32d89
OSVersion 6.1
ImageVersion 0.0
UninitializedDataSize 0

Compressed bundles
PCAP parents
File identification
MD5 63f9122bfed825396e2ecd3d28022aa6
SHA1 e922481eb2d9a3d10129363f8c7623dd6886fdda
SHA256 8e2f97907b66028d3c23382f8811d0842b6a556bc118f2ef520e13962d4281f2
ssdeep 12288:8kglpQgNMhHej+Uw2BD9+D6fCIwv+uCHhKZlYedVAWWYtGI:Jg8G+Uw2BDTfrZgnNdVjWY0
authentihash 9a496c34d4f2c6282aff51cc08aee4123c2eb54617d8ae9b3855ae9bd7336722
imphash dc107d708020d5985dd87f5f24de413e
File size 751.5 KB ( 769536 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags peexe
VirusTotal metadata
First submission 2014-04-14 03:12:50 UTC ( 3 years, 6 months ago )
Last submission 2017-04-16 12:24:10 UTC ( 6 months, 1 week ago )
File names Ojo
Skxb.exe
5minut1.exe
file-7121138_
ON6JYgIofW.hta
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
UDP communications