SHA256: 9275092f71732cf4e1dd1dc5d48e7a17cfc19e1069bffa9777b59c50dbb0e130
File name: FzPfH6.exe
Detection ratio: 3 / 47
Analysis date: 2013-07-09 08:20:12 UTC ( 5 years, 10 months ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Inject 20130708
Fortinet W32/Kryptik.BDPK!tr 20130709
Malwarebytes Malware.Packer.rf 20130709
Yandex 20130708
AntiVir 20130709
Antiy-AVL 20130709
Avast 20130709
AVG 20130709
BitDefender 20130709
ByteHero 20130613
CAT-QuickHeal 20130708
ClamAV 20130709
Commtouch 20130709
Comodo 20130709
DrWeb 20130709
Emsisoft 20130709
eSafe 20130709
ESET-NOD32 20130708
F-Prot 20130709
F-Secure 20130709
GData 20130709
Ikarus 20130709
Jiangmin 20130709
K7AntiVirus 20130708
K7GW 20130708
Kaspersky 20130709
Kingsoft 20130708
McAfee 20130709
McAfee-GW-Edition 20130709
Microsoft 20130709
eScan 20130709
NANO-Antivirus 20130709
Norman 20130708
nProtect 20130709
Panda 20130708
PCTools 20130709
Rising 20130709
Sophos AV 20130709
SUPERAntiSpyware 20130709
Symantec 20130709
TheHacker 20130708
TotalDefense 20130708
TrendMicro 20130709
TrendMicro-HouseCall 20130709
VBA32 20130708
VIPRE 20130709
ViRobot 20130709
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2003-11-13 23:15:40
Entry Point 0x0000204D
Number of sections 6
PE sections
PE imports
GetExitCodeProcess
GetLastError
lstrcpyW
GetStartupInfoW
HeapSize
GetFileSize
GetModuleHandleA
HeapCreate
ReadFile
lstrcatA
InterlockedExchange
CreateEventA
IsBadWritePtr
SetConsoleTitleA
CloseHandle
SetFileTime
LoadLibraryA
GetStringTypeA
LeaveCriticalSection
DllGetClassObject
DllUnregisterServer
DllCanUnloadNow
DllRegisterServer
DwRasUninitialize
ExtractIconA
SHFree
ShellMessageBoxW
DragAcceptFiles
DuplicateIcon
DllUnregisterServer
SHGetSettings
SHGetDiskFreeSpaceA
StrChrA
DragQueryFileA
ShellAboutA
SHGetMalloc
DragFinish
Number of PE resources by type
RT_ICON 4
RT_GROUP_ICON 1
RT_RCDATA 1
Number of PE resources by language
NEUTRAL 6
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2003:11:14 00:15:40+01:00
FileType Win32 EXE
PEType PE32
CodeSize 4608
LinkerVersion 0.255
EntryPoint 0x204d
InitializedDataSize 0
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0

File identification
MD5 edfacc467ab47312742c9cb704394571
SHA1 bb5356925af552477112118d7d9fa360b4ed45ce
SHA256 9275092f71732cf4e1dd1dc5d48e7a17cfc19e1069bffa9777b59c50dbb0e130
ssdeep 6144:mAQDPnPsHhCyhL/xbHuxirCNFZSgDImBLC4zwxS52EagpdnovKA:4PnP8HukrCN7SgDLBLvaSjdpyvK

File size 305.5 KB ( 312832 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.2%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe

VirusTotal metadata
First submission 2013-07-09 08:20:12 UTC ( 5 years, 10 months ago )
Last submission 2013-07-09 08:20:12 UTC ( 5 years, 10 months ago )
File names FzPfH6.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight