× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9bbd57eed8b2cf096ed31e3253da7d0f7d9df7eb7968bde0a087ffaee6c67dc4
File name: sup.exe
Detection ratio: 25 / 72
Analysis date: 2018-12-24 22:08:44 UTC ( 1 month, 3 weeks ago ) View latest
Antivirus Result Update
Acronis malware 20181224
AhnLab-V3 Malware/Gen.Generic.C2893315 20181224
Antiy-AVL Trojan/Win32.Tasker 20181223
Avast Win32:Trojan-gen 20181224
AVG Win32:Trojan-gen 20181224
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Cybereason malicious.64a59b 20180225
Cylance Unsafe 20181224
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/CoinMiner.BSG 20181224
Jiangmin Trojan.Tasker.mw 20181224
Kaspersky HEUR:Trojan.Win32.Generic 20181224
Malwarebytes Trojan.BitCoinMiner 20181224
McAfee-GW-Edition BehavesLike.Win32.Generic.dh 20181224
Microsoft Trojan:Win32/Azden.A!cl 20181224
NANO-Antivirus Trojan.Win32.Tasker.fkzspf 20181224
Panda Trj/GdSda.A 20181224
Rising Malware.Heuristic!ET#98% (RDM+:cmRtazqsowT4OWDL23+4hZouwc6e) 20181224
Sophos AV Mal/Generic-S 20181224
Symantec ML.Attribute.HighConfidence 20181224
TACHYON Trojan/W32.Tasker.218112 20181224
Tencent Win32.Trojan.Generic.Sxxo 20181224
Trapmine suspicious.low.ml.score 20181205
VBA32 BScope.TrojanDownloader.Bitmin 20181222
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20181224
Ad-Aware 20181224
AegisLab 20181224
Alibaba 20180921
ALYac 20181224
Arcabit 20181224
Avast-Mobile 20181224
Avira (no cloud) 20181224
AVware 20180925
Babable 20180918
Baidu 20181207
BitDefender 20181224
Bkav 20181224
CAT-QuickHeal 20181224
ClamAV 20181224
CMC 20181224
Comodo 20181224
Cyren 20181224
DrWeb 20181224
eGambit 20181224
Emsisoft 20181224
F-Prot 20181224
F-Secure 20181224
Fortinet 20181224
GData 20181224
Ikarus 20181224
Sophos ML 20181128
K7AntiVirus 20181224
K7GW 20181224
Kingsoft 20181224
MAX 20181224
McAfee 20181224
eScan 20181224
Palo Alto Networks (Known Signatures) 20181224
Qihoo-360 20181224
SentinelOne (Static ML) 20181223
SUPERAntiSpyware 20181220
Symantec Mobile Insight 20181215
TheHacker 20181220
TotalDefense 20181223
TrendMicro 20181224
TrendMicro-HouseCall 20181224
Trustlook 20181224
VIPRE 20181223
ViRobot 20181224
Webroot 20181224
Yandex 20181223
Zillya 20181222
Zoner 20181224
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-12-24 12:57:25
Entry Point 0x0001339D
Number of sections 5
PE sections
PE imports
GetCurrentHwProfileA
GetUserNameA
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
GetDeviceCaps
CreateDCW
GetStdHandle
EncodePointer
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
GetThreadContext
GetLocaleInfoW
SetStdHandle
WideCharToMultiByte
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
Thread32First
HeapReAlloc
GetStringTypeW
SetFileAttributesA
IsWow64Process
ResumeThread
InitializeCriticalSection
InterlockedDecrement
SetLastError
GetSystemTime
OpenThread
WriteProcessMemory
GetModuleFileNameW
CopyFileA
ExitProcess
GetModuleFileNameA
HeapSetInformation
EnumSystemLocalesA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
CreateMutexA
SetFilePointer
CreateThread
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetUserDefaultLocaleName
DecodePointer
SetEnvironmentVariableA
SetThreadContext
GlobalMemoryStatus
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
LeaveCriticalSection
WriteConsoleW
CreateToolhelp32Snapshot
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
FlushFileBuffers
RtlUnwind
GetDateFormatA
TzSpecificLocalTimeToSystemTime
OpenProcess
CreateDirectoryA
GetStartupInfoW
ReadProcessMemory
GetProcAddress
GetProcessHeap
CompareStringW
GetTimeFormatA
GetComputerNameA
Thread32Next
IsValidLocale
GetUserDefaultLCID
GetTimeZoneInformation
CreateFileW
IsDebuggerPresent
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
InterlockedIncrement
GetLastError
LCMapStringW
VirtualAllocEx
GetSystemInfo
lstrlenA
GetConsoleCP
GetEnvironmentStringsW
Process32NextW
GetCurrentProcessId
GetCPInfo
HeapSize
GetCommandLineA
Process32FirstW
SuspendThread
RaiseException
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
GetACP
GetModuleHandleW
CreateProcessA
IsValidCodePage
HeapCreate
Sleep
TerminateProcess
VirtualAlloc
EnumProcessModules
GetModuleFileNameExW
GetModuleBaseNameW
ShellExecuteExA
ShellExecuteW
ShellExecuteA
ReleaseDC
GetForegroundWindow
CharToOemW
MessageBoxA
GetWindowTextA
EnumDisplayDevicesW
WinHttpConnect
WinHttpSendRequest
WinHttpCloseHandle
WinHttpQueryDataAvailable
WinHttpReceiveResponse
WinHttpOpen
WinHttpOpenRequest
WinHttpReadData
socket
send
WSAStartup
gethostbyname
connect
htons
closesocket
URLOpenBlockingStreamA
Number of PE resources by type
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2018:12:24 13:57:25+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
162816

LinkerVersion
10.0

ImageFileCharacteristics
Executable, 32-bit

EntryPoint
0x1339d

InitializedDataSize
54272

SubsystemVersion
5.1

ImageVersion
0.0

OSVersion
5.1

UninitializedDataSize
0

Execution parents
File identification
MD5 c84067934d8f4f108971492c94686850
SHA1 d07744164a59b9b795f2538a1e918dbcbb3f0601
SHA256 9bbd57eed8b2cf096ed31e3253da7d0f7d9df7eb7968bde0a087ffaee6c67dc4
ssdeep
3072:1xl2h1JRr80p2xa/blPODV2JkctqFqqUHsABhD0Yo+vNuXS04M1C1:7G5rTlvJkFqqUHphD0YTEJG

authentihash 09a4bb24db543fba04175e36db5e5f9f8c4c7b89dbc67b5a070acc09ea8287bc
imphash 3888d8af817073a2d28a3b8a338ef5bf
File size 213.0 KB ( 218112 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-12-24 22:08:44 UTC ( 1 month, 3 weeks ago )
Last submission 2018-12-24 22:08:44 UTC ( 1 month, 3 weeks ago )
File names sup.exe
iexplore.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!