× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9642816de030262d9de3aee252e273429160c1fe50a84c983a5e0048ca3fe09f
File name: OSAPSVC
Detection ratio: 53 / 58
Analysis date: 2016-09-26 12:51:32 UTC ( 2 years, 6 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Kazy.3021 20160926
AegisLab Troj.W32.Generic!c 20160926
AhnLab-V3 Trojan/Win32.FakeAV.N242765533 20160926
ALYac Gen:Variant.Kazy.3021 20160926
Antiy-AVL Trojan[Downloader]/Win32.Small 20160926
Arcabit Trojan.Kazy.DBCD 20160926
Avast Win32:FakeSysdef-CB [Trj] 20160926
AVG FakeAlert.YI 20160926
Avira (no cloud) TR/Palevo.D 20160926
AVware Trojan.Win32.FakeAv.awrp (v) 20160926
Baidu Win32.Trojan.WisdomEyes.151026.9950.9999 20160926
BitDefender Gen:Variant.Kazy.3021 20160926
Bkav W32.WszugoXT.Worm 20160926
ClamAV Win.Trojan.Agent-264793 20160926
CMC Generic.Win32.193940fe40!CMCRadar 20160921
Comodo TrojWare.Win32.Kryptik.KFK 20160926
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20160725
Cyren W32/Thutani.A.gen!Eldorado 20160926
DrWeb Trojan.Advload.46 20160926
Emsisoft Gen:Variant.Kazy.3021 (B) 20160926
ESET-NOD32 Win32/TrojanDownloader.Small.OVG 20160926
F-Prot W32/Harnig.FP 20160926
F-Secure Gen:Variant.Kazy.3021 20160926
Fortinet W32/Krap.AON!tr 20160926
GData Gen:Variant.Kazy.3021 20160926
Ikarus Trojan.Win32.Ransom 20160926
Sophos ML generic.a 20160917
Jiangmin TrojanDownloader.Small.anmv 20160926
K7AntiVirus Trojan-Downloader ( 0006cbe21 ) 20160926
K7GW Trojan-Downloader ( 0006cbe21 ) 20160926
Kaspersky Trojan-Downloader.Win32.Small.kyd 20160926
Malwarebytes Trojan.Agent 20160926
McAfee Generic FakeAlert.am 20160923
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.mh 20160926
Microsoft Trojan:Win32/Toga!rfn 20160926
eScan Gen:Variant.Kazy.3021 20160926
NANO-Antivirus Trojan.Win32.Small.cuvsw 20160926
Panda Generic Malware 20160925
Qihoo-360 Malware.Radar01.Gen 20160926
Rising Trojan.Generic-7Rnw51DiWsR (cloud) 20160926
Sophos AV Mal/FakeAV-EA 20160926
SUPERAntiSpyware Trojan.Agent/Gen-FakeAlert 20160926
Symantec Trojan.FakeAV 20160926
Tencent Win32.Trojan-downloader.Small.Dxnd 20160926
TheHacker Trojan/Downloader.Small.ovg 20160926
TotalDefense Win32/Harnig.GNH 20160920
TrendMicro TROJ_FAKEAV.SM8 20160926
TrendMicro-HouseCall TROJ_FAKEAV.SM8 20160926
VBA32 Dropper.Troj.xa 20160923
VIPRE Trojan.Win32.FakeAv.awrp (v) 20160926
ViRobot Trojan.Win32.Downloader.28160.GC[h] 20160926
Yandex Trojan.DL.Harnig!sMmyp1dtWog 20160925
Zillya Downloader.Small.Win32.27749 20160924
Alibaba 20160926
CAT-QuickHeal 20160926
Kingsoft 20160926
nProtect 20160926
Zoner 20160926
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
2011 (C)

Product OSAP Service
Original name OSAPSV.EXE
Internal name OSAPSVC
File version 2.0.4.1
Description OSAP Service
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-08-11 16:31:29
Entry Point 0x000010EB
Number of sections 5
PE sections
PE imports
GetTokenInformation
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyW
CreateWellKnownSid
OpenProcessToken
RegSetValueExW
ConvertSidToStringSidW
RegQueryValueExA
EqualDomainSid
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
GetLengthSid
RegEnumValueW
IsWellKnownSid
RegDeleteKeyW
RegOpenKeyExA
RegCloseKey
RegQueryValueExW
OpenThreadToken
GetLastError
GetComputerNameExW
GetConsoleOutputCP
GetSystemInfo
GetConsoleCP
Beep
QueryPerformanceCounter
WaitForSingleObject
GetTickCount
LoadLibraryA
FreeLibrary
GetCurrentProcess
SetThreadPriority
GetCurrentProcessId
DelayLoadFailureHook
UnhandledExceptionFilter
InterlockedCompareExchange
GetCurrentThread
CreateThread
SetUnhandledExceptionFilter
ResetEvent
GetSystemTimeAsFileTime
SetEvent
LocalFree
CreateEventW
VirtualFree
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
VirtualAlloc
LocalAlloc
SetLastError
CloseHandle
RtlInitUnicodeString
RtlSubAuthoritySid
RtlValidSid
NtQueryInformationToken
NtQueryValueKey
RtlInitializeCriticalSection
DbgPrint
RtlCopySid
NtAllocateVirtualMemory
RtlLeaveCriticalSection
NtLoadKey
RtlNtStatusToDosError
RtlFreeUnicodeString
RtlLengthSid
RtlEnterCriticalSection
RtlEqualSid
RtlSubAuthorityCountSid
RtlGetNtProductType
NtAllocateLocallyUniqueId
RtlConvertSidToUnicodeString
RtlLengthSecurityDescriptor
RtlMakeSelfRelativeSD
RtlInitString
RtlCopyLuid
NtClose
I_RpcMapWin32Status
RpcBindingFree
NdrClientCall2
RpcSsDestroyClientContext
I_RpcExceptionFilter
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcStringFreeW
_except_handler3
malloc
memmove
_adjust_fdiv
_wcsnicmp
free
wcscpy
wcslen
wcscat
wcsncmp
_initterm
wcsncpy
Number of PE resources by type
RT_ICON 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 4
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2009:08:11 17:31:29+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
4096

LinkerVersion
1.9

Warning
Error processing PE data dictionary

FileTypeExtension
exe

InitializedDataSize
96256

SubsystemVersion
4.0

EntryPoint
0x10eb

OSVersion
4.0

ImageVersion
0.0

UninitializedDataSize
73728

File identification
MD5 193940fe408c1c08b65ab15d44e8a578
SHA1 feb39910337c2b1c9bd8604928af9fd49eec9227
SHA256 9642816de030262d9de3aee252e273429160c1fe50a84c983a5e0048ca3fe09f
ssdeep
768:LeLFCzqO6o3EK3eD276nTwYk80HNIZXIqR7:L47o3EK3H70wPGXd7

authentihash 43e09c894b757010a168691d983bb03bb6c05de31944d29f0854446adb3a9877
imphash 700e69c7bd2a62710059749ae8dc8417
File size 27.5 KB ( 28160 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.3%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2011-02-04 16:36:39 UTC ( 8 years, 2 months ago )
Last submission 2014-01-27 11:09:19 UTC ( 5 years, 2 months ago )
File names 193940FE408C1C08B65AB15D44E8A578
6d63151b97811f4302ecd98a60521274
93707.exe
_193940FE408C1C08B65AB15D44E8A578
smona130683494366346620488
193940fe408c1c08b65ab15d44e8a578feb39910337c2b1c9bd8604928af9fd49eec922728160.exe
aeec250bb49ca6c1ae467ec4538942cc
193940fe408c1c08b65ab15d44e8a578
OSAPSV.EXE
feb39910337c2b1c9bd8604928af9fd49eec9227.bin
107645.exe
OSAPSVC
834152
815257
193940fe408c1c08b65ab15d44e8a578.exe
feb39910337c2b1c9bd8604928af9fd49eec9227
file-3102303_exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!