SHA256: 8e4886512bc857772f732e2a6459364baf009a0b1ef7f8e5aa389045fc95312c
File name: 55fca5289f81bcfbc2826ec52a1009a7 (1)
Detection ratio: 22 / 55
Analysis date: 2016-07-15 13:09:09 UTC ( 2 years, 3 months ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.3406832 20160715
AegisLab Troj.W32.Gen.lMJ4 20160715
Arcabit Trojan.Generic.D33FBF0 20160715
Avast Win32:Malware-gen 20160715
Avira (no cloud) TR/Crypt.Xpack.auax 20160715
Baidu Win32.Trojan.WisdomEyes.151026.9950.9999 20160715
BitDefender Trojan.GenericKD.3406832 20160715
Cyren W32/Trojan.VNGY-0637 20160715
Emsisoft Trojan.GenericKD.3406832 (B) 20160715
ESET-NOD32 Win32/Dridex.AR 20160715
F-Secure Trojan.GenericKD.3406832 20160715
GData Trojan.GenericKD.3406832 20160715
Ikarus Trojan.Win32.Dridex 20160715
K7GW Trojan ( 004f31ae1 ) 20160715
Kaspersky UDS:DangerousObject.Multi.Generic 20160715
McAfee Artemis!55FCA5289F81 20160715
McAfee-GW-Edition BehavesLike.Win32.Sdbot.fm 20160715
eScan Trojan.GenericKD.3406832 20160715
Panda Trj/Genetic.gen 20160714
Sophos AV Mal/Qbot-N 20160715
Symantec Trojan.Cridex 20160715
Tencent Win32.Trojan.Bp-generic.Wpav 20160715
AhnLab-V3 20160715
Alibaba 20160715
ALYac 20160715
Antiy-AVL 20160715
AVG 20160715
AVware 20160715
Bkav 20160715
CAT-QuickHeal 20160715
ClamAV 20160715
CMC 20160715
Comodo 20160715
DrWeb 20160715
F-Prot 20160715
Fortinet 20160715
Jiangmin 20160715
K7AntiVirus 20160715
Kingsoft 20160715
Malwarebytes 20160715
Microsoft 20160715
NANO-Antivirus 20160715
nProtect 20160715
Qihoo-360 20160715
SUPERAntiSpyware 20160715
TheHacker 20160714
TotalDefense 20160713
TrendMicro 20160715
TrendMicro-HouseCall 20160715
VBA32 20160715
VIPRE 20160715
ViRobot 20160715
Yandex 20160715
Zillya 20160715
Zoner 20160715
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Microsoft® Windows® Operating System
Original name SensorsApi.dll
Internal name Sensor API
File version 6.3.9605.17415 (winblue_r4.141028-1500)
Description Sensor API
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2036-06-02 01:38:26
Entry Point 0x00059CB0
Number of sections 14
PE sections
PE imports
ObjectPrivilegeAuditAlarmA
GetServiceKeyNameA
ImageList_LoadImageA
ExpandEnvironmentStringsW
ResetWriteWatch
ActivateActCtx
GetCurrentDirectoryA
IsBadCodePtr
FreeConsole
GetComputerNameA
CreateFileA
LoadLibraryA
PathUnExpandEnvStringsW
GetWindowLongA
CallWindowProcA
CharToOemBuffW
isprint
atan
Number of PE resources by type
MUI 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
ExifTool file metadata
SubsystemVersion 5.0
LinkerVersion 3.0
ImageVersion 1.0
FileSubtype 0
FileVersionNumber 6.3.9600.17415
UninitializedDataSize 8192
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 0
EntryPoint 0x59cb0
OriginalFileName SensorsApi.dll
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation. All rights reserved.
FileVersion 6.3.9605.17415 (winblue_r4.141028-1500)
TimeStamp 2036:06:02 02:38:26+01:00
FileType Win32 EXE
PEType PE32
InternalName Sensor API
ProductVersion 6.3.9605.17415
FileDescription Sensor API
OSVersion 4.0
FileOS Windows NT 32-bit
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
CodeSize 20480
ProductName Microsoft Windows Operating System
ProductVersionNumber 6.3.9600.17415
FileTypeExtension exe
ObjectFileType Dynamic link library
File identification
MD5 55fca5289f81bcfbc2826ec52a1009a7
SHA1 f45f3f3906378c345b36221514d6259db6807be4
SHA256 8e4886512bc857772f732e2a6459364baf009a0b1ef7f8e5aa389045fc95312c
ssdeep 3072:QRyDYljV6Jla1RBfJJqxk/kb4YdT7mvIVHYbBG7:QEfJSfJUokb4YdT7mQ9YbBa
authentihash 4640bb28e958f93ec768d9ea5fd0064380f050515732ebfc406bb6584c2fafdb
imphash 5337489c0cc19a7d086a8d1845594ad2
File size 372.2 KB ( 381092 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (console) Intel 80386 32-bit
TrID Win32 Executable (generic) (42.6%)
Clipper DOS Executable (19.1%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
VXD Driver (0.2%)
Tags peexe
VirusTotal metadata
First submission 2016-07-14 17:56:07 UTC ( 2 years, 3 months ago )
Last submission 2016-07-15 13:09:09 UTC ( 2 years, 3 months ago )
File names 55fca5289f81bcfbc2826ec52a1009a7 (1)
8e4886512bc857772f732e2a6459364baf009a0b1ef7f8e5aa389045fc95312c.exe
ywoRa82maiw.scr
55fca5289f81bcfbc2826ec52a1009a7
Sensor API
SensorsApi.dll
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Code injections in the following processes
Opened mutexes
Runtime DLLs
UDP communications