× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 929dc09a8bd8491b77f050a2736d39c30597ec7090d8f081eeb6179b6f8ab033
File name: DarkSeoul_F0E045210E3258DAD91D7B6B4D64E7F3
Detection ratio: 39 / 46
Analysis date: 2013-04-01 16:51:32 UTC ( 5 years, 10 months ago ) View latest
Antivirus Result Update
AhnLab-V3 Win-Trojan/Agent.24576.JPF 20130401
AntiVir TR/KillMBR.Y 20130401
Antiy-AVL Trojan/Win32.EraseMBR 20130401
Avast Win32:DarkSeoul-C [Trj] 20130401
AVG Agent4.AKHE 20130401
BitDefender Gen:Variant.Graftor.75818 20130401
ByteHero Virus.Win32.Heur.c 20130322
CAT-QuickHeal Trojan.Dembr 20130401
ClamAV Win.Trojan.Agent-257543 20130401
Commtouch W32/Trojan.RNCH-6917 20130401
Comodo TrojWare.Win32.PkdKrap.Ai1 20130401
DrWeb Trojan.KillFiles.10563 20130401
Emsisoft Gen:Trojan.Heur.FU.bqX@aOjrSMh (B) 20130401
ESET-NOD32 Win32/KillDisk.NAS 20130401
F-Secure Gen:Variant.Graftor.75818 20130401
Fortinet Malware_fam.NB 20130401
GData Gen:Variant.Graftor.75818 20130401
Ikarus Trojan.MBR.Killer 20130401
K7AntiVirus Trojan 20130401
Kaspersky Trojan.Win32.EraseMBR.c 20130401
Kingsoft Win32.Troj.Undef.(kcloud) 20130401
Malwarebytes Trojan.MBR.Killer 20130401
McAfee KillMBR-FBIA 20130401
McAfee-GW-Edition Heuristic.LooksLike.Win32.Suspicious.J!87 20130401
Microsoft Trojan:Win32/Dembr.A 20130401
NANO-Antivirus Virus.Win32.Gen.ccmw 20130401
Norman DarkSeoul.A 20130401
nProtect Trojan/W32.KillMBR.Gen 20130401
Panda Trj/Jokra.A 20130401
PCTools Trojan.Jokra 20130401
Rising Trojan.Win32.Generic.1450E09F 20130328
Sophos AV Troj/MBRKill-A 20130401
Symantec Trojan.Jokra 20130401
TheHacker Trojan/KillDisk.nas 20130401
TrendMicro TROJ_KILLMBR.SM 20130401
TrendMicro-HouseCall TROJ_KILLMBR.SM 20130401
VBA32 OScope.Trojan.KillMBR.2113 20130330
VIPRE Trojan.Win32.Generic!BT 20130401
ViRobot Trojan.Win32.S.KillMBR.24576.B 20130401
Yandex 20130401
eSafe 20130328
F-Prot 20130401
Jiangmin 20130331
eScan 20130401
SUPERAntiSpyware 20130401
TotalDefense 20130401
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-01-31 10:27:18
Entry Point 0x00001000
Number of sections 4
PE sections
Overlays
MD5 53e979547d8c2ea86560ac45de08ae25
File type ASCII text
Offset 23040
Size 1536
Entropy 0.00
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

SubsystemVersion
4.0

MachineType
Intel 386 or later, and compatibles

TimeStamp
2013:01:31 11:27:18+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
12288

LinkerVersion
6.0

FileTypeExtension
exe

InitializedDataSize
8192

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

EntryPoint
0x1000

OSVersion
4.0

ImageVersion
0.0

UninitializedDataSize
0

File identification
MD5 f0e045210e3258dad91d7b6b4d64e7f3
SHA1 4079b6212a5398b6912a37f27a8c39ca3a7f8585
SHA256 929dc09a8bd8491b77f050a2736d39c30597ec7090d8f081eeb6179b6f8ab033
ssdeep
384:e5uXGw/ClCTEZ3WDcXDMEN5yyqbpcrumoZ:UsD/Cl6E9UcXy/pCumo

authentihash 60ba5186e575ea4b8847e30a21d7051642e297d8a3cb63a5900ee92415788f21
File size 24.0 KB ( 24576 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe overlay

VirusTotal metadata
First submission 2013-03-20 09:33:58 UTC ( 5 years, 11 months ago )
Last submission 2018-11-10 05:17:01 UTC ( 3 months, 1 week ago )
File names 929dc09a8bd8491b77f050a2736d39c30597ec7090d8f081eeb6179b6f8ab033
file-5837647_
05_f0e045210e3258dad91d7b6b4d64e7f3.exe-
005834176
DarkSeoul_F2
DarkSeoul_F0E045210E3258DAD91D7B6B4D64E7F3
DarkSeoul_F0E045210E3258DAD91D7B6B4D64E7F3
db4bbdc36a78a8807ad9b15a562515c4_f0e045210e3258dad91d7b6b4d64e7f3_unpacked.exe
vti-rescan
DarkSeoul_F0E045210E3258DAD91D7B6B4D64E7F3
33021932
DarkSeoul_F0E045210E3258DAD91D7B6B4D64E7F3.exe
DarkSeoul_F0E045210E3258DAD91D7B6B4D64E7F3
f0e045210e3258dad91d7b6b4d64e7f3.virus
output.33021932.txt
f0e045210e3258dad91d7b6b4d64e7f3
F0E045210E3258DAD91D7B6B4D64E7F3
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!