SHA256: 98af658bee174c87e6d14acc38e0d7775c870759cdac041a26ef39b163c64d2c
File name: jongpuzz3d.exe
Detection ratio: 2 / 70
Analysis date: 2019-02-09 14:46:04 UTC (1 month, 1 week ago)
Antivirus Result Update
CMC HackTool.Win32.SqlCrack!O 20190209
TheHacker Trojan/Generik.CYLDMKJ 20190203
Acronis 20190207
Ad-Aware 20190209
AegisLab 20190209
AhnLab-V3 20190209
Alibaba 20180921
ALYac 20190209
Antiy-AVL 20190209
Arcabit 20190208
Avast 20190209
Avast-Mobile 20190209
AVG 20190209
Avira (no cloud) 20190209
Babable 20180917
Baidu 20190201
BitDefender 20190209
Bkav 20190201
CAT-QuickHeal 20190209
ClamAV 20190209
Comodo 20190209
CrowdStrike Falcon (ML) 20181023
Cybereason 20190109
Cylance 20190209
Cyren 20190209
DrWeb 20190209
eGambit 20190209
Emsisoft 20190209
Endgame 20181108
ESET-NOD32 20190209
F-Prot 20190209
F-Secure 20190209
Fortinet 20190209
GData 20190209
Ikarus 20190209
Sophos ML 20181128
Jiangmin 20190209
K7AntiVirus 20190209
K7GW 20190209
Kaspersky 20190209
Kingsoft 20190209
Malwarebytes 20190209
MAX 20190209
McAfee 20190209
McAfee-GW-Edition 20190208
Microsoft 20190209
eScan 20190209
NANO-Antivirus 20190209
Palo Alto Networks (Known Signatures) 20190209
Panda 20190209
Qihoo-360 20190209
Rising 20190209
SentinelOne (Static ML) 20190203
Sophos AV 20190209
SUPERAntiSpyware 20190206
Symantec 20190208
Symantec Mobile Insight 20190206
TACHYON 20190208
Tencent 20190209
TotalDefense 20190206
Trapmine 20190123
TrendMicro 20190209
TrendMicro-HouseCall 20190209
Trustlook 20190209
VBA32 20190208
ViRobot 20190209
Webroot 20190209
Yandex 20190207
Zillya 20190208
ZoneAlarm by Check Point 20190209
Zoner 20190208
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Packers identified
F-PROT UPX, appended, UTF-8, ZIP
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-11-18 15:53:37
Entry Point 0x000049CB
Number of sections 4
PE sections
Overlays
MD5 d0d93bf3f663dbf3946666d34fe2a7fb
File type data
Offset 61440
Size 2516534
Entropy 8.00
PE imports
InitCommonControlsEx
GetSystemTime
GetLastError
HeapFree
GetStdHandle
LCMapStringW
SetHandleCount
LoadLibraryA
lstrlenA
WaitForSingleObject
GetOEMCP
LCMapStringA
HeapDestroy
ExitProcess
IsBadWritePtr
GetEnvironmentStringsW
FlushFileBuffers
RemoveDirectoryA
RtlUnwind
GetModuleFileNameA
GetLocalTime
FreeEnvironmentStringsA
GetCurrentProcess
GetEnvironmentStrings
SetThreadPriority
GetFileSize
CreateDirectoryA
DeleteFileA
GetCPInfo
UnhandledExceptionFilter
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
GetFileType
SetStdHandle
CompareStringW
GetTempPathA
RaiseException
CreateThread
GetStringTypeA
SetFilePointer
ReadFile
SetUnhandledExceptionFilter
IsBadCodePtr
WriteFile
GetStartupInfoA
CloseHandle
GetACP
HeapReAlloc
GetStringTypeW
SetEnvironmentVariableA
TerminateProcess
ResumeThread
CreateProcessA
GetTimeZoneInformation
WideCharToMultiByte
HeapCreate
VirtualFree
IsBadReadPtr
CreateFileA
HeapAlloc
GetVersion
VirtualAlloc
GetModuleHandleA
CompareStringA
GetMessageA
GetParent
OffsetRect
PostQuitMessage
ShowWindow
SetWindowPos
GetSystemMetrics
GetWindowRect
DispatchMessageA
PostMessageA
MessageBoxA
TranslateMessage
wsprintfA
SendMessageA
GetDlgItem
CreateDialogParamA
GetWindowLongA
LoadIconA
GetDesktopWindow
LoadImageA
IsDialogMessageA
DestroyWindow
CoUninitialize
CoInitialize
Number of PE resources by type
RT_ICON 1
RT_DIALOG 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 3
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2002:11:18 16:53:37+01:00
FileType Win32 EXE
PEType PE32
CodeSize 36864
LinkerVersion 6.0
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, 32-bit
EntryPoint 0x49cb
InitializedDataSize 24576
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0

File identification
MD5 62a3d29c4d2a4d5045ea1938b1e43746
SHA1 c41dd0b2c2556436cc724840323ebed7a8d0ab0d
SHA256 98af658bee174c87e6d14acc38e0d7775c870759cdac041a26ef39b163c64d2c
ssdeep
49152:h1EBQXtmRYgADPJAA2kLYV0Hkx0/GxV4eijp+izmpzguwqCJtm47nereVZITKYoM:h1QQGYDDR3MJCexSwnpzdCLT1JnM

authentihash ae984406b6b033602edd439f4a82dcb311c2a52e825855cd832f11ab3cff77fa
imphash 2f6203366bc5aa9ff8b6cf7753ead32d
File size 2.5 MB ( 2577974 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (19.6%)
Win64 Executable (generic) (17.3%)
UPX compressed Win32 Executable (16.9%)
Win32 EXE Yoda's Crypter (16.6%)
Microsoft Visual C++ compiled executable (generic) (10.3%)
Tags
peexe upx overlay

VirusTotal metadata
First submission 2016-10-08 18:18:55 UTC ( 2 years, 5 months ago )
Last submission 2018-10-31 06:27:18 UTC ( 4 months, 2 weeks ago )
File names 20161221164631
98AF658BEE174C87E6D14ACC38E0D7775C870759CDAC041A26EF39B163C64D2C.exe
911633
jongpuzz3d.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
UDP communications