SHA256: 8f7260ad0ff826898316f37f3956b54b429d36f198311bcb4da390cbae5545fe
File name: 9e2d733f5721ac6e217a1d720905ced674fc5ea7
Detection ratio: 6 / 56
Analysis date: 2015-06-26 01:05:30 UTC ( 3 years, 8 months ago )
Antivirus Result Update
Bkav HW32.Packed.72F3 20150625
ESET-NOD32 Win32/Spy.Zbot.ACB 20150626
Kaspersky UDS:DangerousObject.Multi.Generic 20150626
Rising PE:Malware.XPACK-HIE/Heur!1.9C48 20150625
TrendMicro TROJ_FORUCON.BMC 20150626
TrendMicro-HouseCall TROJ_FORUCON.BMC 20150626
Ad-Aware 20150626
AegisLab 20150626
Yandex 20150625
AhnLab-V3 20150625
Alibaba 20150625
ALYac 20150626
Antiy-AVL 20150625
Arcabit 20150625
Avast 20150626
AVG 20150625
Avira (no cloud) 20150626
AVware 20150626
Baidu-International 20150625
BitDefender 20150626
ByteHero 20150626
CAT-QuickHeal 20150625
ClamAV 20150625
Comodo 20150626
Cyren 20150625
DrWeb 20150626
Emsisoft 20150626
F-Prot 20150625
F-Secure 20150625
Fortinet 20150626
GData 20150626
Ikarus 20150626
Jiangmin 20150625
K7AntiVirus 20150625
K7GW 20150625
Kingsoft 20150626
Malwarebytes 20150625
McAfee 20150626
McAfee-GW-Edition 20150626
Microsoft 20150626
eScan 20150626
NANO-Antivirus 20150626
nProtect 20150625
Panda 20150625
Qihoo-360 20150626
Sophos AV 20150626
SUPERAntiSpyware 20150626
Symantec 20150626
Tencent 20150626
TheHacker 20150625
TotalDefense 20150625
VBA32 20150625
VIPRE 20150626
ViRobot 20150626
Zillya 20150625
Zoner 20150626
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2006-2011 Satisfyd
Publisher Satisfyd
Product LoudFive
Original name batcow.exe
Internal name LoudFive
File version 6.2.6018.6345
Description LoudFive
Comments LoudFive
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-06-24 10:38:04
Entry Point 0x00001F77
Number of sections 4
PE sections
PE imports
GetLastError
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
GlobalFree
WaitForSingleObject
SetEvent
QueryPerformanceCounter
IsDebuggerPresent
HeapAlloc
TlsAlloc
GetEnvironmentStringsW
GetVersionExA
LoadLibraryA
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
LoadLibraryExA
GetEnvironmentStrings
GetLocaleInfoA
GetCurrentProcessId
LCMapStringA
GetCurrentDirectoryA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCPInfo
GetCommandLineA
GlobalLock
SetEnvironmentVariableA
GetStringTypeA
GetProcessHeap
CompareStringW
QueryPerformanceFrequency
WideCharToMultiByte
TlsFree
GetModuleHandleA
SetTapeParameters
SetUnhandledExceptionFilter
WriteFile
GetCurrentProcess
CompareStringA
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
GetStringTypeW
GetProcAddress
HeapDestroy
GetOEMCP
TerminateProcess
GetTimeZoneInformation
InitializeCriticalSection
HeapCreate
GlobalAlloc
VirtualFree
TlsGetValue
Sleep
GetFileType
GetTickCount
TlsSetValue
ExitProcess
GetCurrentThreadId
LeaveCriticalSection
VirtualAlloc
SetLastError
InterlockedIncrement
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
ExifTool file metadata
SubsystemVersion 4.0
Comments LoudFive
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 6.2.6018.6345
LanguageCode English (U.S.)
FileFlagsMask 0x0000
FileDescription LoudFive
CharacterSet Unicode
InitializedDataSize 188416
EntryPoint 0x1f77
OriginalFileName batcow.exe
MIMEType application/octet-stream
LegalCopyright Copyright 2006-2011 Satisfyd
FileVersion 6.2.6018.6345
TimeStamp 2015:06:24 11:38:04+01:00
FileType Win32 EXE
PEType PE32
InternalName LoudFive
ProductVersion 6.2.6018.6345
UninitializedDataSize 0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Satisfyd
CodeSize 159744
ProductName LoudFive
ProductVersionNumber 6.2.6018.6345
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 49c1434639c08ba4d2c891d4e3aedcb2
SHA1 9e2d733f5721ac6e217a1d720905ced674fc5ea7
SHA256 8f7260ad0ff826898316f37f3956b54b429d36f198311bcb4da390cbae5545fe
ssdeep 6144:N8XSWPwGCDcH5lWLWUdnk8PY7flQlk3aPJlC8NH:NxWPwZgHO6UtYj6lk3aa8h
authentihash 0bfb43da03e5d906bbe40b1815ae11ac3225c0e5bb3d1cea7899c569c99e9964
imphash 5d3dbbfb984f964fcb5f2fa6c1ec93e8
File size 272.0 KB ( 278528 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2015-06-26 01:05:30 UTC ( 3 years, 8 months ago )
Last submission 2015-06-26 01:05:30 UTC ( 3 years, 8 months ago )
File names LoudFive
batcow.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Created mutexes
Opened mutexes
Runtime DLLs