× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9aa7625f2d537763e5a887f8c2b81bf9f3a8a330090e638c101fc73a2caba525
File name: Plagiatus
Detection ratio: 5 / 67
Analysis date: 2018-04-20 12:51:55 UTC ( 11 months ago )
Antivirus Result Update
Cylance Unsafe 20180420
McAfee Artemis!51D300DD5A4E 20180420
McAfee-GW-Edition BehavesLike.Win32.Backdoor.tc 20180420
Palo Alto Networks (Known Signatures) generic.ml 20180420
Sophos AV Mal/Generic-L 20180420
Ad-Aware 20180420
AegisLab 20180420
AhnLab-V3 20180420
Alibaba 20180420
ALYac 20180420
Antiy-AVL 20180418
Arcabit 20180420
Avast 20180420
Avast-Mobile 20180420
AVG 20180420
Avira (no cloud) 20180420
AVware 20180420
Babable 20180406
Baidu 20180419
BitDefender 20180420
Bkav 20180410
CAT-QuickHeal 20180419
ClamAV 20180420
CMC 20180420
Comodo 20180420
CrowdStrike Falcon (ML) 20180418
Cybereason 20180225
Cyren 20180420
DrWeb 20180420
eGambit 20180420
Emsisoft 20180420
Endgame 20180403
ESET-NOD32 20180420
F-Prot 20180420
F-Secure 20180407
Fortinet 20180420
GData 20180420
Sophos ML 20180121
Jiangmin 20180420
K7AntiVirus 20180420
K7GW 20180420
Kaspersky 20180420
Kingsoft 20180420
Malwarebytes 20180420
MAX 20180420
Microsoft 20180420
eScan 20180420
NANO-Antivirus 20180420
nProtect 20180420
Panda 20180419
Qihoo-360 20180420
Rising 20180420
SentinelOne (Static ML) 20180225
SUPERAntiSpyware 20180420
Symantec 20180420
Symantec Mobile Insight 20180419
Tencent 20180420
TheHacker 20180415
TotalDefense 20180420
TrendMicro 20180420
TrendMicro-HouseCall 20180420
Trustlook 20180420
VBA32 20180420
VIPRE 20180420
ViRobot 20180420
Webroot 20180420
Yandex 20180419
Zillya 20180419
ZoneAlarm by Check Point 20180420
Zoner 20180419
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright 2009

Product Plagiatus
Original name plagiatus.exe
Internal name Plagiatus
File version 1, 2, 0, 93
Description Plagiatus
Packers identified
F-PROT UPX
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-08-15 08:10:22
Entry Point 0x002FDF50
Number of sections 3
PE sections
PE imports
RegCloseKey
GetOpenFileNameA
DPtoLP
VirtualFree
ExitProcess
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
VarBstrCat
ShellExecuteA
SHAutoComplete
VerQueryValueA
Ord(35)
__WSAFDIsSet
GdipFree
DoDragDrop
FindMimeFromData
Number of PE resources by type
RT_BITMAP 73
RT_STRING 8
RT_DIALOG 7
RT_ICON 6
Struct(241) 3
GIFTYPE 2
TEXT 2
PNG 2
BIN 1
RT_MANIFEST 1
RT_MENU 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_HTML 1
Number of PE resources by language
RUSSIAN 92
ENGLISH US 17
PE resources
ExifTool file metadata
SubsystemVersion
5.0

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.2.0.93

UninitializedDataSize
1978368

LanguageCode
Russian

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
110592

EntryPoint
0x2fdf50

OriginalFileName
plagiatus.exe

Manufacturer
Plagiatus

MIMEType
application/octet-stream

LegalCopyright
Copyright 2009

FileVersion
1, 2, 0, 93

TimeStamp
2012:08:15 09:10:22+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Plagiatus

ProductVersion
1, 2, 0, 93

FileDescription
Plagiatus

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
1159168

ProductName
Plagiatus

ProductVersionNumber
1.2.0.93

FileTypeExtension
exe

ObjectFileType
Dynamic link library

Compressed bundles
File identification
MD5 51d300dd5a4eb64aa274b5dc8ec30b49
SHA1 e9f7166e38bd1e3a0c98eeca2d2edc9f856decdf
SHA256 9aa7625f2d537763e5a887f8c2b81bf9f3a8a330090e638c101fc73a2caba525
ssdeep
24576:5j5Y8sMZxUP8NE+qy2w5mC1cwiYEqF0XspfBW9A3B:50exC8Yy/mHwih1Xs1O

imphash 6e464acd9f416c751c89805643c87324
File size 1.2 MB ( 1266176 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (28.0%)
UPX compressed Win32 Executable (27.5%)
Win32 EXE Yoda's Crypter (27.0%)
Win32 Dynamic Link Library (generic) (6.6%)
Win32 Executable (generic) (4.5%)
Tags
peexe upx

VirusTotal metadata
First submission 2012-08-23 16:15:55 UTC ( 6 years, 7 months ago )
Last submission 2017-06-26 16:50:38 UTC ( 1 year, 8 months ago )
File names file-5122626_exe
plagiatus.exe
plagiatus.exe
advego_plagiatus_1.2.0.93_unpack.exe
plagiatus.exe
Plagiatus
Advego Plagiatus 1.2.0.93.exe
plagiatus.exe
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!