SHA256: 9c21141f2c4c341c36206f5d191e5db0b34d2440be2fec271027a3a81e9a6bd5
Detection ratio: 13 / 66
Analysis date: 2018-04-05 12:49:31 UTC ( 10 months, 2 weeks ago )
Antivirus Result Update
AegisLab Ml.Attribute.Gen!c 20180405
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9967 20180404
CrowdStrike Falcon (ML) malicious_confidence_60% (D) 20170201
Cylance Unsafe 20180405
Endgame malicious (high confidence) 20180403
ESET-NOD32 Win32/Spy.Ursnif.BO 20180405
Ikarus Trojan-Banker.UrSnif 20180405
Sophos ML heuristic 20180121
Kaspersky UDS:DangerousObject.Multi.Generic 20180405
Palo Alto Networks (Known Signatures) generic.ml 20180405
Symantec Trojan Horse 20180405
WhiteArmor Malware.HighConfidence 20180405
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180405
Ad-Aware 20180405
AhnLab-V3 20180405
Alibaba 20180404
ALYac 20180405
Antiy-AVL 20180405
Arcabit 20180405
Avast 20180405
Avast-Mobile 20180405
AVG 20180405
Avira (no cloud) 20180405
AVware 20180405
BitDefender 20180405
Bkav 20180405
CAT-QuickHeal 20180405
ClamAV 20180405
CMC 20180405
Comodo 20180405
Cybereason 20180225
Cyren 20180405
DrWeb 20180405
eGambit 20180405
Emsisoft 20180405
F-Prot 20180405
F-Secure 20180405
Fortinet 20180405
GData 20180405
Jiangmin 20180405
K7AntiVirus 20180404
K7GW 20180405
Kingsoft 20180405
Malwarebytes 20180405
MAX 20180405
McAfee 20180405
McAfee-GW-Edition 20180405
Microsoft 20180405
eScan 20180405
NANO-Antivirus 20180405
nProtect 20180405
Panda 20180405
Qihoo-360 20180405
Rising 20180405
SentinelOne (Static ML) 20180225
Sophos AV 20180405
SUPERAntiSpyware 20180405
Symantec Mobile Insight 20180401
Tencent 20180405
TheHacker 20180404
TrendMicro 20180405
TrendMicro-HouseCall 20180405
Trustlook 20180405
VBA32 20180405
VIPRE 20180405
ViRobot 20180405
Yandex 20180405
Zillya 20180404
Zoner 20180405
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product Two Meet
Original name Lengthsolution.exe
Internal name Two Meet
File version 4, 4, 8757, 1931
Description Two Meet
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-04-04 15:51:20
Entry Point 0x0009CB4D
Number of sections 4
PE sections
PE imports
RegCloseKey
RegQueryValueExW
RegCreateKeyW
SetMapMode
TextOutW
PatBlt
GetTextExtentPoint32W
SaveDC
GetClipBox
GetDeviceCaps
ExcludeClipRect
OffsetViewportOrgEx
DeleteDC
RestoreDC
SetBkMode
SetPixel
SetTextColor
MoveToEx
ExtTextOutW
CreateBitmap
RectVisible
GetStockObject
SetViewportOrgEx
ScaleWindowExtEx
PtVisible
StretchBlt
ScaleViewportExtEx
SelectObject
SetWindowExtEx
SetViewportExtEx
Escape
SetBkColor
DeleteObject
GetStdHandle
GetConsoleOutputCP
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetFileTime
WideCharToMultiByte
GetProcAddress
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
FreeLibrary
LocalFree
FormatMessageW
InitializeCriticalSection
LoadResource
GlobalHandle
TlsGetValue
FindNextChangeNotification
SetLastError
GlobalFindAtomW
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
FlushFileBuffers
GetModuleFileNameA
EnumSystemLocalesA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
SetFilePointer
GlobalAddAtomW
MoveFileExW
SetUnhandledExceptionFilter
SetSystemPowerState
TerminateProcess
FindCloseChangeNotification
WriteConsoleA
GlobalAlloc
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
SetHandleCount
LoadLibraryW
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetWindowsDirectoryW
LCMapStringW
GetStartupInfoW
GlobalLock
GetProcessHeap
GlobalReAlloc
lstrcmpA
HeapValidate
IsValidLocale
lstrcmpW
GetUserDefaultLCID
GetTempPathW
CreateFileW
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
LocalReAlloc
GlobalDeleteAtom
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GetEnvironmentStringsW
GlobalUnlock
lstrlenW
FindFirstChangeNotificationW
SizeofResource
GetCurrentProcessId
LockResource
GetCommandLineW
GetCPInfo
HeapSize
InterlockedCompareExchange
RaiseException
TlsFree
GetModuleHandleA
ReadFile
GlobalFlags
CloseHandle
GetACP
GetModuleHandleW
IsValidCodePage
HeapCreate
FindResourceW
VirtualFree
Sleep
VirtualAlloc
AccessibleObjectFromPoint
GetOleaccVersionInfo
CreateStdAccessibleObject
LresultFromObject
OleCreateFontIndirect
VariantClear
OleTranslateColor
VariantChangeType
OleCreatePictureIndirect
OleCreatePropertyFrameIndirect
VariantInit
OleIconToCursor
OleCreatePropertyFrame
OleLoadPicture
GetDeviceDriverBaseNameW
GetPerformanceInfo
GetMappedFileNameW
QueryWorkingSet
GetProcessImageFileNameW
EnumProcesses
GetModuleInformation
GetDeviceDriverFileNameW
EnumProcessModules
GetProcessMemoryInfo
EmptyWorkingSet
GetModuleFileNameExW
EnumPageFilesW
InitializeProcessForWsWatch
EnumDeviceDrivers
GetWsChanges
GetModuleBaseNameW
GetForegroundWindow
SetMenuItemBitmaps
LoadBitmapW
DestroyMenu
PostQuitMessage
GetMessagePos
SetWindowPos
IsWindow
GrayStringW
GetMessageTime
SetMenuItemInfoW
DispatchMessageW
ReleaseDC
GetDlgCtrlID
SendMessageW
GetClassInfoW
DrawTextW
CallNextHookEx
LoadImageW
GetTopWindow
RegisterHotKey
GetWindowTextW
GetMenuItemID
DestroyWindow
GetClassInfoExW
GetPropW
SetPropW
ValidateRect
PeekMessageW
EnableWindow
IsWindowEnabled
GetWindow
RegisterClassW
GetWindowPlacement
EnableMenuItem
GetSubMenu
UnhookWinEvent
CopyRect
GetSysColorBrush
CreateWindowExW
TabbedTextOutW
GetWindowLongW
PtInRect
MapWindowPoints
RegisterWindowMessageW
IsIconic
DefWindowProcW
CheckMenuRadioItem
GetParent
GetSystemMetrics
SetWindowLongW
GetWindowRect
InflateRect
IntersectRect
RemovePropW
PostMessageW
CheckMenuItem
GetClassLongW
GetLastActivePopup
SetWindowTextW
GetDlgItem
GetMenuCheckMarkDimensions
ClientToScreen
GetMenuItemCount
GetMenuState
SetWindowsHookExW
LoadCursorW
LoadIconW
GetDC
SetForegroundWindow
ExitWindowsEx
DrawTextExW
GetScrollInfo
GetCapture
GetWindowThreadProcessId
MessageBoxW
GetMenu
UnhookWindowsHookEx
AdjustWindowRectEx
GetSysColor
SetScrollInfo
GetKeyState
SystemParametersInfoA
GetDoubleClickTime
WinHelpW
CallWindowProcW
GetClassNameW
ModifyMenuW
GetFocus
SetMenu
GetClientRect
DocumentPropertiesW
ClosePrinter
OpenPrinterW
OleUninitialize
CoRegisterClassObject
CoInitialize
OleInitialize
CoRegisterSurrogate
OleSetContainedObject
CoUninitialize
PdhAddCounterW
PdhBindInputDataSourceW
Number of PE resources by type
RT_ICON 9
RT_GROUP_ICON 1
RT_VERSION 1
RT_RCDATA 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 13
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 4.4.8757.1931
LanguageCode English (U.S.)
FileFlagsMask 0x0000
FileDescription Two Meet
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 861696
EntryPoint 0x9cb4d
OriginalFileName Lengthsolution.exe
MIMEType application/octet-stream
FileVersion 4, 4, 8757, 1931
TimeStamp 2010:04:04 17:51:20+02:00
FileType Win32 EXE
PEType PE32
InternalName Two Meet
ProductVersion 4, 4, 8757, 1931
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName NetFactor Part
CodeSize 737792
ProductName Two Meet
ProductVersionNumber 4.4.8757.1931
FileTypeExtension exe
ObjectFileType Executable application

Compressed bundles
File identification
MD5 f65d9eb6853a6ef02b56e1dc607797bb
SHA1 f0c771a85a1583345db7383ac5d5f2fad31f5cae
SHA256 9c21141f2c4c341c36206f5d191e5db0b34d2440be2fec271027a3a81e9a6bd5
ssdeep 12288:1tDIF/rIqvUUU/a11AZRSrdKo30EdDU02RuvB0t2Cg8RRxK8KwQYqKOuaBrlEEGe:1tssuhb30q2UN8HxKDxdkScQipr6f
authentihash 965e9758c2252e95a7bed388556a147c6aa64a8369f9d8118f7df4333989b12d
imphash 73945b150dcd99154d0c4ce8761ffa2c
File size 1.5 MB ( 1534464 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (39.9%)
Win64 Executable (generic) (35.4%)
Win32 Dynamic Link Library (generic) (8.4%)
Win32 Executable (generic) (5.7%)
Win16/32 Executable Delphi generic (2.6%)
Tags peexe
VirusTotal metadata
First submission 2018-04-05 08:15:52 UTC ( 10 months, 2 weeks ago )
Last submission 2018-11-27 07:49:13 UTC ( 2 months, 3 weeks ago )
File names pasasing5.class
pasasing8.class
pasasing3.class
pasasing6.class
pasasing1.class
pasasing2.class
testv.php
pasasing9.class
Two Meet
Lengthsolution.exe
9e55fad9926c3f03fa6da8828ba2368d.safe
.
117713.exe
pasasing10.class
pasasing7.class
pasasing4.class
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Runtime DLLs