SHA256: 99f69b43dac509094d1fbbec5358c6e1ce143248c08b37611ee0d26b33b4be48
File name: k_v2.exe
Detection ratio: 12 / 43
Analysis date: 2012-03-11 16:33:07 UTC ( 6 years, 10 months ago )
Antivirus Result Update
AntiVir DR/Drop.Bototer.ZR 20120309
Commtouch W32/MalwareF.LQQK 20120311
DrWeb Trojan.DownLoader.origin 20120311
eSafe Win32.DRDrop.Bototer 20120308
F-Prot W32/MalwareF.LQQK 20120311
K7AntiVirus Riskware 20120310
McAfee Artemis!56CE4FA3935B 20120308
McAfee-GW-Edition Artemis!56CE4FA3935B 20120311
Norman W32/Smalltroj.ZKJK 20120310
TrendMicro TROJ_GEN.R47C2L8 20120311
TrendMicro-HouseCall TROJ_GEN.R47C2L8 20120311
VIPRE Trojan.Win32.Generic!BT 20120311
AhnLab-V3 20120310
Antiy-AVL 20120311
Avast 20120311
AVG 20120311
BitDefender 20120311
ByteHero 20120309
CAT-QuickHeal 20120311
ClamAV 20120311
Comodo 20120311
Emsisoft 20120311
eTrust-Vet 20120310
F-Secure 20120311
Fortinet 20120311
GData 20120311
Ikarus 20120311
Jiangmin 20120301
Kaspersky 20120311
Microsoft 20120311
NOD32 20120311
nProtect 20120311
Panda 20120311
PCTools 20120311
Prevx 20120311
Rising 20120309
Sophos AV 20120311
SUPERAntiSpyware 20120308
Symantec 20120311
TheHacker 20120309
VBA32 20120311
ViRobot 20120311
VirusBuster 20120311
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright ____(c) 2010 _____
Publisher _____
Product _____
File version 2.2.1.1671
Description _____ v2.2(Build 1671) ____
Comments _____ v2.2(Build 1671)
PE header basic information
Number of sections 5
PE sections
PE imports
RegEnumKeyW, RegOpenKeyExW, RegCloseKey, RegDeleteKeyW, RegDeleteValueW, RegCreateKeyExW, RegSetValueExW, RegQueryValueExW, RegEnumValueW
ImageList_AddMasked, ImageList_Destroy, -, ImageList_Create
SetBkColor, GetDeviceCaps, DeleteObject, CreateBrushIndirect, CreateFontIndirectW, SetBkMode, SetTextColor, SelectObject
SetFileTime, CompareFileTime, SearchPathW, GetShortPathNameW, GetFullPathNameW, MoveFileW, SetCurrentDirectoryW, GetFileAttributesW, GetLastError, CreateDirectoryW, SetFileAttributesW, Sleep, GetTickCount, CreateFileW, GetFileSize, GetModuleFileNameW, GetCurrentProcess, CopyFileW, ExitProcess, GetWindowsDirectoryW, GetTempPathW, GetCommandLineW, SetErrorMode, CloseHandle, lstrlenW, lstrcpynW, GetDiskFreeSpaceW, GlobalUnlock, GlobalLock, CreateThread, LoadLibraryW, CreateProcessW, lstrcmpiA, GetTempFileNameW, lstrcatW, GetProcAddress, LoadLibraryA, GetModuleHandleA, OpenProcess, lstrcpyW, GetVersionExW, GetSystemDirectoryW, GetVersion, lstrcpyA, RemoveDirectoryW, lstrcmpiW, lstrcmpW, ExpandEnvironmentStringsW, GlobalAlloc, WaitForSingleObject, GetExitCodeProcess, GlobalFree, GetModuleHandleW, LoadLibraryExW, FreeLibrary, WritePrivateProfileStringW, GetPrivateProfileStringW, WideCharToMultiByte, MulDiv, lstrlenA, WriteFile, ReadFile, MultiByteToWideChar, SetFilePointer, FindClose, FindNextFileW, FindFirstFileW, DeleteFileW, lstrcpynA
SHBrowseForFolderW, SHGetPathFromIDListW, SHGetFileInfoW, ShellExecuteW, SHFileOperationW, SHGetSpecialFolderLocation
ScreenToClient, GetMessagePos, CallWindowProcW, IsWindowVisible, LoadBitmapW, CloseClipboard, SetClipboardData, EmptyClipboard, OpenClipboard, TrackPopupMenu, GetWindowRect, AppendMenuW, CreatePopupMenu, GetSystemMetrics, EndDialog, EnableMenuItem, GetSystemMenu, SetClassLongW, IsWindowEnabled, SetWindowPos, DialogBoxParamW, CheckDlgButton, CreateWindowExW, SystemParametersInfoW, RegisterClassW, SetDlgItemTextW, GetDlgItemTextW, MessageBoxIndirectW, CharNextA, CharUpperW, CharPrevW, DispatchMessageW, PeekMessageW, wsprintfA, DestroyWindow, CreateDialogParamW, SetTimer, SetWindowTextW, PostQuitMessage, SetForegroundWindow, ShowWindow, wsprintfW, SendMessageTimeoutW, LoadCursorW, SetCursor, GetWindowLongW, GetSysColor, CharNextW, GetClassInfoW, ExitWindowsEx, FindWindowExW, GetDlgItem, SetWindowLongW, LoadImageW, GetDC, EnableWindow, InvalidateRect, SendMessageW, DefWindowProcW, BeginPaint, GetClientRect, FillRect, DrawTextW, EndPaint, IsWindow
GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW
CoTaskMemFree, OleInitialize, OleUninitialize, CoCreateInstance
ExifTool file metadata
SpecialBuild 100079
UninitializedDataSize 16896
Comments v2.2(Build 1671)
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 2.2.1.1671
LanguageCode Chinese (Simplified)
FileFlagsMask 0x0000
CharacterSet Windows, Chinese (Simplified)
InitializedDataSize 431104
MIMEType application/octet-stream
LegalCopyright 2010
FileVersion 2.2.1.1671
TimeStamp 2009:08:07 21:30:37+01:00
FileType Win32 EXE
PEType PE32
SubsystemVersion 5.0
ProductVersion 2.2.1.1671
FileDescription v2.2(Build 1671)
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName
CodeSize 25600
ProductName
ProductVersionNumber 2.2.1.1671
EntryPoint 0x3542
ObjectFileType Executable application
File identification
MD5 56ce4fa3935b622771dc47f06d4b5620
SHA1 ae169765a76dd712bfb5e454d20bd355758eee15
SHA256 99f69b43dac509094d1fbbec5358c6e1ce143248c08b37611ee0d26b33b4be48
ssdeep 49152:DMb1wXGRcRW8rJWpPRYfk5xYE3S77BI4dsdmgpt6uSndWLmF0pWmfn:DM6GRcgyJCPRYfEYE3SHG4dsdzptandk
File size 2.0 MB ( 2075415 bytes )
File type Win32 EXE
Magic literal MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
VirusTotal metadata
First submission 2010-07-21 19:51:45 UTC ( 8 years, 6 months ago )
Last submission 2012-03-11 16:33:07 UTC ( 6 years, 10 months ago )
File names zPhELPGPk.dotx
k_v2.exe
aa
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight