× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9cb95959bec83625a6cd9e2dd7d2261bc5715efb28124e600d9db357ea3912dc
File name: FbIpg60.exe
Detection ratio: 2 / 57
Analysis date: 2015-01-13 15:00:32 UTC ( 4 years, 4 months ago ) View latest
Antivirus Result Update
Qihoo-360 Malware.QVM20.Gen 20150113
Rising PE:Malware.XPACK-LNR/Heur!1.5594 20150112
Ad-Aware 20150113
AegisLab 20150113
Yandex 20150112
AhnLab-V3 20150113
Alibaba 20150112
ALYac 20150113
Antiy-AVL 20150112
Avast 20150113
AVG 20150113
Avira (no cloud) 20150110
AVware 20150113
Baidu-International 20150113
BitDefender 20150113
Bkav 20150113
ByteHero 20150113
CAT-QuickHeal 20150113
ClamAV 20150113
CMC 20150113
Comodo 20150113
Cyren 20150113
DrWeb 20150113
Emsisoft 20150113
ESET-NOD32 20150113
F-Prot 20150113
F-Secure 20150113
Fortinet 20150111
GData 20150113
Ikarus 20150113
Jiangmin 20150112
K7AntiVirus 20150113
K7GW 20150113
Kaspersky 20150113
Kingsoft 20150113
Malwarebytes 20150113
McAfee 20150113
McAfee-GW-Edition 20150113
Microsoft 20150113
eScan 20150113
NANO-Antivirus 20150113
Norman 20150113
nProtect 20150113
Panda 20150113
Sophos AV 20150113
SUPERAntiSpyware 20150113
Symantec 20150113
Tencent 20150113
TheHacker 20150112
TotalDefense 20150113
TrendMicro 20150113
TrendMicro-HouseCall 20150113
VBA32 20150113
VIPRE 20150113
ViRobot 20150113
Zillya 20150112
Zoner 20150112
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
All rights reserved.

Original name Avastojeb
File version 1.0
Description Rjaba qcxxhoj - vdybpesvpxuxavvq kxadmwtfh
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2006-04-09 17:24:23
Entry Point 0x00002000
Number of sections 6
PE sections
PE imports
GetModuleHandleA
ExitProcess
GetCommandLineW
GetMessageA
CreateWindowExA
LoadCursorA
LoadIconA
DispatchMessageA
LoadMenuA
TranslateMessage
DefWindowProcA
RegisterClassA
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
1.71

ImageVersion
0.0

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

CharacterSet
Windows, Latin1

InitializedDataSize
393728

EntryPoint
0x2000

OriginalFileName
Avastojeb

MIMEType
application/octet-stream

LegalCopyright
All rights reserved.

FileVersion
1.0

TimeStamp
2006:04:09 18:24:23+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
1.0

FileDescription
Rjaba qcxxhoj - vdybpesvpxuxavvq kxadmwtfh

OSVersion
1.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
5120

FileSubtype
0

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 7e7d8325dec4cc8c3244dd1c2d3c653a
SHA1 3fb7ab8bad113aadd097912ed3cdd03cb373be2e
SHA256 9cb95959bec83625a6cd9e2dd7d2261bc5715efb28124e600d9db357ea3912dc
ssdeep
12288:c/lmqmHO9+c2q7k9jcxDwR3cXoP2lLS4Rh3bM:yau9+c37kB3c1lW4XbM

authentihash 15714a8a043abc7081a86d23442ca77113352636b0bfac1f00c9532a365a5d6f
imphash 296bfa396c4e041f335ba6e1d16ed4dc
File size 390.5 KB ( 399872 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (72.2%)
Win32 Executable (generic) (11.7%)
Win16/32 Executable Delphi generic (5.4%)
Generic Win/DOS Executable (5.2%)
DOS Executable Generic (5.2%)
Tags
peexe

VirusTotal metadata
First submission 2015-01-13 15:00:32 UTC ( 4 years, 4 months ago )
Last submission 2017-04-16 14:58:07 UTC ( 2 years, 1 month ago )
File names 7e7d8325dec4cc8c3244dd1c2d3c653a
7E7D8325DEC4CC8C3244DD1C2D3C653A
Avastojeb
tjAOlTTnXUTOMbL.ex
vti-rescan
FbIpg60.exe
9cb95959bec83625a6cd9e2dd7d2261bc5715efb28124e600d9db357ea3912dc.exe
tjAOlTTnXUTOMbL.exe
otUAxgxuRRshQpr.exe
7E7D8325DEC4CC8C3244DD1C2D3C653A.EXE
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!