SHA256: 970936fae4b743995d6686e9617c1a321cdb70da05fe10fc0f96981036efce23
File name: malware4.exe
Detection ratio: 12 / 56
Analysis date: 2016-05-10 20:23:13 UTC ( 3 years ago )
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.151026.9950.9999 20160510
Bkav HW32.Packed.B091 20160510
DrWeb Trojan.Encoder.4466 20160510
McAfee Ransomware-FJB!0D027C5F6A16 20160510
McAfee-GW-Edition BehavesLike.Win32.ZeroAccess.cc 20160510
eScan Gen:Variant.Locky.12 20160510
Qihoo-360 HEUR/QVM20.1.0000.Malware.Gen 20160510
Rising Malware.XPACK-HIE/Heur!1.9C48 20160510
Symantec Suspicious.Cloud.7.F 20160510
Tencent Win32.Trojan.Raas.Auto 20160510
VBA32 BScope.Trojan.Diple 20160510
Zillya Trojan.PCryptGen.Win32.4 20160510
Ad-Aware 20160510
AegisLab 20160510
AhnLab-V3 20160510
Alibaba 20160510
ALYac 20160510
Antiy-AVL 20160510
Arcabit 20160510
Avast 20160510
AVG 20160510
Avira (no cloud) 20160510
AVware 20160510
Baidu-International 20160510
BitDefender 20160510
CAT-QuickHeal 20160510
ClamAV 20160509
CMC 20160510
Comodo 20160510
Cyren 20160510
Emsisoft 20160510
ESET-NOD32 20160510
F-Prot 20160510
F-Secure 20160510
Fortinet 20160510
GData 20160510
Ikarus 20160510
Jiangmin 20160510
K7AntiVirus 20160510
K7GW 20160510
Kaspersky 20160510
Kingsoft 20160510
Malwarebytes 20160510
Microsoft 20160510
NANO-Antivirus 20160510
nProtect 20160510
Panda 20160510
Sophos AV 20160510
SUPERAntiSpyware 20160510
TheHacker 20160510
TrendMicro 20160510
TrendMicro-HouseCall 20160510
VIPRE 20160510
ViRobot 20160510
Yandex 20160510
Zoner 20160510
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2007-2012 All rights Reserved.
Product FLAC to MP3 Converter
Original name FLAC to MP3 Converter.exe
Internal name SLAC to MP3 Converter.exe
File version 6, 1, 7, 0
Description FLAC to MP3 Converter
Comments FLAC to MP3 Converter
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-05-10 15:57:28
Entry Point 0x00007552
Number of sections 5
PE sections
PE imports
Number of PE resources by type
RT_STRING 12
RT_ICON 3
RT_BITMAP 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH NEUTRAL 12
ENGLISH US 7
PE resources
Debug information
ExifTool file metadata
SpecialBuild 2012.01.12
SubsystemVersion 5.0
Comments FLAC to MP3 Converter
InitializedDataSize 132608
ImageVersion 10.0
ProductName FLAC to MP3 Converter
FileVersionNumber 6.1.7.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x0000
ImageFileCharacteristics Executable, No symbols, 32-bit
CharacterSet Windows, Latin1
LinkerVersion 10.0
PrivateBuild 2012.01.12
FileTypeExtension exe
OriginalFileName FLAC to MP3 Converter.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 6, 1, 7, 0
TimeStamp 2016:05:10 16:57:28+01:00
FileType Win32 EXE
PEType PE32
InternalName SLAC to MP3 Converter.exe
ProductVersion 6, 1, 7, 0
FileDescription FLAC to MP3 Converter
OSVersion 5.0
FileOS Win32
LegalCopyright Copyright (C) 2007-2012 All rights Reserved.
MachineType Intel 386 or later, and compatibles
CompanyName Accmeware Corporation
CodeSize 60416
FileSubtype 0
ProductVersionNumber 6.1.7.0
EntryPoint 0x7552
ObjectFileType Executable application
Compressed bundles
File identification
MD5 0d027c5f6a16b68572948c3928078ea8
SHA1 07b1dffe8763f58c2d3c5c647416db16394bd936
SHA256 970936fae4b743995d6686e9617c1a321cdb70da05fe10fc0f96981036efce23
ssdeep 3072:tVUjiXYZ2m+eyPmhS9O9MhHmkdcYJRuDRVMNUe+h9hE30EoNvI9:thIx+pPES9bvcYyMN1sblEoN
authentihash 68a5aec4c254ea932605d4544089d97c97adccd461d5325f6ecebb685cbc93bb
imphash 8970b66fd051935e4caeaa5902f092bf
File size 133.5 KB ( 136704 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags peexe
VirusTotal metadata
First submission 2016-05-10 20:23:13 UTC ( 3 years ago )
Last submission 2017-08-06 22:17:24 UTC ( 1 year, 9 months ago )
File names 0d027c5f6a16b68572948c3928078ea8
SLAC to MP3 Converter.exe
malware4.exe
FLAC to MP3 Converter.exe
rt5tdf
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Moved files
Deleted files
Created processes
Shell commands
Code injections in the following processes
Created mutexes
Opened mutexes
Searched windows
Opened service managers
Opened services
Runtime DLLs
Additional details
The file uses the IsDebuggerPresent Windows API function in order to see whether it is being debugged.
HTTP requests
TCP connections