× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9ba6b7607efabc32e391e797df2cacd84a423049324d4af486dd84ed7e6503e4
File name: lose.exe
Detection ratio: 3 / 43
Analysis date: 2012-02-14 10:48:19 UTC ( 6 years, 11 months ago )
Antivirus Result Update
CAT-QuickHeal (Suspicious) - DNAScan 20120214
Kaspersky HEUR:Trojan.Win32.Generic 20120214
Microsoft Trojan:Win32/Swrort.A 20120214
AhnLab-V3 20120213
AntiVir 20120214
Antiy-AVL 20120213
Avast 20120214
AVG 20120213
BitDefender 20120214
ByteHero 20120211
ClamAV 20120214
Commtouch 20120214
Comodo 20120214
DrWeb 20120214
Emsisoft 20120214
eSafe 20120213
eTrust-Vet 20120214
F-Prot 20120213
F-Secure 20120214
Fortinet 20120214
GData 20120214
Ikarus 20120214
Jiangmin 20120214
K7AntiVirus 20120213
McAfee 20120214
McAfee-GW-Edition 20120213
NOD32 20120214
Norman 20120213
nProtect 20120214
Panda 20120213
PCTools 20120207
Prevx 20120214
Rising 20120214
Sophos AV 20120214
SUPERAntiSpyware 20120206
Symantec 20120214
TheHacker 20120213
TrendMicro 20120214
TrendMicro-HouseCall 20120214
VBA32 20120214
VIPRE 20120214
ViRobot 20120214
VirusBuster 20120213
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
PE header basic information
Number of sections 18
PE sections
PE imports
DeleteCriticalSection, EnterCriticalSection, FreeLibrary, GetCurrentProcess, GetCurrentProcessId, GetCurrentThreadId, GetLastError, GetModuleHandleA, GetProcAddress, GetStartupInfoA, GetSystemTimeAsFileTime, GetTickCount, InitializeCriticalSection, IsDBCSLeadByteEx, LeaveCriticalSection, LoadLibraryA, LoadLibraryW, MultiByteToWideChar, QueryPerformanceCounter, SetUnhandledExceptionFilter, Sleep, TerminateProcess, TlsGetValue, UnhandledExceptionFilter, VirtualProtect, VirtualQuery, WideCharToMultiByte
__dllonexit, __getmainargs, __initenv, __lconv_init, __mb_cur_max, __set_app_type, __setusermatherr, _acmdln, _amsg_exit, _cexit, _errno, _fmode, _initterm, _iob, _lock, _onexit, _unlock, _winmajor, abort, atoi, calloc, exit, fputc, free, getenv, localeconv, malloc, memcpy, printf, puts, setlocale, signal, strchr, strerror, strlen, strncmp, wcslen
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

TimeStamp
2012:02:08 03:35:03+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
27136

LinkerVersion
2.2

EntryPoint
0x14e0

InitializedDataSize
35840

SubsystemVersion
4.0

ImageVersion
1.0

OSVersion
4.0

UninitializedDataSize
3584

File identification
MD5 e597a727e58ec1950343dea7dd10156c
SHA1 7da778cf1343741ed6b461d9b1d6a35be647e028
SHA256 9ba6b7607efabc32e391e797df2cacd84a423049324d4af486dd84ed7e6503e4
ssdeep
3072:dbPOGPao/fdFT5BhS+Ifa9z8oYG/h4vED8c9pb:dbGkjtn9fSo58Ab

File size 213.4 KB ( 218543 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable PE for MS Windows (console) Intel 80386 32-bit

TrID Win32 Executable Generic (67.8%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
VXD Driver (0.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2012-02-14 10:48:19 UTC ( 6 years, 11 months ago )
Last submission 2012-02-14 10:48:19 UTC ( 6 years, 11 months ago )
File names lose.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!