SHA256: 90c17a1dd07536e7e23a8b0b4c2ffa681741142feae817defa973c34d4f29d01
File name: ht5x0212c7hjs-0.tmp
Detection ratio: 38 / 56
Analysis date: 2015-08-07 01:01:51 UTC ( 2 years ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Symmi.4608 20150807
AegisLab Troj.W32.Gen 20150806
Yandex Trojan.Simda!qGtAIf4Jb/Q 20150806
ALYac Gen:Variant.Symmi.4608 20150807
Antiy-AVL Trojan[:HEUR]/Win32.Unknown 20150806
Arcabit Trojan.Symmi.D1200 20150807
Avast Win32:Trojan-gen 20150807
AVG SHeur4.BGUK 20150806
Avira (no cloud) TR/Crypt.XPACK.Gen 20150807
AVware Backdoor.Win32.Simda.b (v) 20150807
BitDefender Gen:Variant.Symmi.4608 20150807
Comodo UnclassifiedMalware 20150806
Cyren W32/FraudLoad.C!Generic 20150807
Emsisoft Gen:Variant.Symmi.4608 (B) 20150807
ESET-NOD32 Win32/Simda.P 20150807
F-Prot W32/FraudLoad.C!Generic 20150807
F-Secure Gen:Variant.Symmi.4608 20150807
Fortinet W32/Simda.B!tr 20150804
GData Gen:Variant.Symmi.4608 20150807
Ikarus Trojan.Win32.Claretore 20150807
Jiangmin Trojan/Generic.bgxyc 20150806
Kaspersky HEUR:Trojan.Win32.Generic 20150807
Kingsoft Win32.Troj.Generic.a.(kcloud) 20150807
McAfee Artemis!C36254EBF481 20150807
McAfee-GW-Edition BehavesLike.Win32.Trojan.ch 20150806
Microsoft Trojan:Win32/Claretore.L 20150806
eScan Gen:Variant.Symmi.4608 20150807
NANO-Antivirus Trojan.Win32.Rodricter.bpcuud 20150807
Panda Trj/OCJ.E 20150806
Qihoo-360 HEUR/Malware.QVM40.Gen 20150807
Sophos AV Mal/Generic-S 20150807
SUPERAntiSpyware Trojan.Agent/Gen-Kryptik 20150807
Symantec Trojan.Gen 20150807
TrendMicro TROJ_SPNR.35E013 20150807
TrendMicro-HouseCall TROJ_SPNR.35E013 20150807
VBA32 TrojanDropper.Sysn 20150806
VIPRE Backdoor.Win32.Simda.b (v) 20150807
Zillya Trojan.Simda.Win32.487 20150806
AhnLab-V3 20150806
Alibaba 20150803
Baidu-International 20150806
Bkav 20150806
ByteHero 20150807
CAT-QuickHeal 20150806
ClamAV 20150806
DrWeb 20150807
K7AntiVirus 20150806
K7GW 20150806
Malwarebytes 20150807
nProtect 20150806
Rising 20150731
Tencent 20150807
TheHacker 20150805
TotalDefense 20150807
ViRobot 20150807
Zoner 20150807
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2008-03-26 18:34:11
Entry Point 0x0000A414
Number of sections 5
PE sections
PE imports
Module32FirstW
TlsFree
_lcreat
WritePrivateProfileStructA
Module32NextW
GetCommandLineW
GetVolumeInformationW
PulseEvent
WritePrivateProfileSectionA
OpenConsoleW
VirtualAlloc
lineDeallocateCall
lineInitializeExW
lineGetAppPriorityW
lineGetDevCaps
lineGetDevConfigA
LogonIdFromWinStationNameW
WinStationEnumerateProcesses
WinStationReset
WinStationFreeMemory
ServerLicensingOpenW
WinStationEnumerateW
WinStationDisconnect
ServerLicensingClose
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension dll
TimeStamp 2008:03:26 19:34:11+01:00
FileType Win32 DLL
PEType PE32
CodeSize 118784
LinkerVersion 4.0
EntryPoint 0xa414
InitializedDataSize 151552
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0
File identification
MD5 c36254ebf4819085cc714442e331b6f2
SHA1 85e6b52a28589fc8afd100dfac934f4f42c0447f
SHA256 90c17a1dd07536e7e23a8b0b4c2ffa681741142feae817defa973c34d4f29d01
ssdeep 3072:wtJ03Z0OQhadMZa3BhODfRLbyEi6AHneniGIv:aJ0pbMZaxhOB6k
authentihash c21b5c50b21ca2b75a11f60b9ee1d20caf24594a60bb759ff8b98a1380c872c8
imphash 5e3c93869ddb0324f69d4aca9ebc10e8
File size 151.0 KB ( 154624 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags pedll
VirusTotal metadata
First submission 2013-04-19 17:09:25 UTC ( 4 years, 4 months ago )
Last submission 2013-08-11 11:26:49 UTC ( 4 years ago )
File names ht5x0212c7hjs-0.tmp
vlsuho12a8uu6-10083.tmp
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight