× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9d3ddb1eeba08704e844e916b13e7a862ca12a12b22bb12ac14bb6ef4f04e032
File name: KB00991020.exe
Detection ratio: 53 / 56
Analysis date: 2016-02-19 06:46:22 UTC ( 6 months, 1 week ago )
Antivirus Result Update
ALYac MemScan:Trojan.Agent.AVTA 20160219
AVG Agent3.CEJL 20160219
AVware Trojan.Win32.Generic!BT 20160219
Ad-Aware MemScan:Trojan.Agent.AVTA 20160219
AegisLab Troj.W32.Agent.ubqy!c 20160219
Yandex Worm.AutoRun!gQBuVWIa8M8 20160217
AhnLab-V3 Trojan/Win32.HDC 20160218
Antiy-AVL Trojan/Win32.Agent 20160219
Arcabit Trojan.Agent.AVTA 20160219
Avast Win32:GenMalicious-IQV [Trj] 20160219
Avira (no cloud) TR/Crypt.XPACK.Gen 20160219
Baidu-International Worm.Win32.Spy.Banker 20160218
BitDefender MemScan:Trojan.Agent.AVTA 20160219
Bkav W32.Bakecom.Trojan 20160218
CAT-QuickHeal Trojan.Dapato.09463 20160219
CMC Trojan.Win32.Agent!O 20160216
ClamAV WIN.Trojan.Agent-49162 20160219
Comodo UnclassifiedMalware 20160219
Cyren W32/Agent.CC.gen!Eldorado 20160219
DrWeb Trojan.Necurs.20 20160219
ESET-NOD32 Win32/AutoRun.Spy.Banker.M 20160219
Emsisoft MemScan:Trojan.Agent.AVTA (B) 20160219
F-Prot W32/Agent.CC.gen!Eldorado 20160219
F-Secure MemScan:Trojan.Agent.AVTA 20160219
Fortinet W32/Cidex.QT!tr 20160218
GData MemScan:Trojan.Agent.AVTA 20160219
Ikarus Worm.Win32.Cridex 20160219
Jiangmin Trojan/Generic.ttwy 20160219
K7AntiVirus Trojan ( 003ea65c1 ) 20160219
K7GW Trojan ( 003ea65c1 ) 20160219
Kaspersky Trojan.Win32.Agent.ubqy 20160218
Malwarebytes Trojan.Agent 20160219
McAfee PWS-Zbot 20160219
McAfee-GW-Edition BehavesLike.Win32.RAHack.kh 20160219
eScan MemScan:Trojan.Agent.AVTA 20160219
Microsoft Worm:Win32/Cridex.B 20160219
NANO-Antivirus Virus.Win32.Gen.ccmw 20160219
Panda Generic Malware 20160218
Qihoo-360 Malware.Radar01.Gen 20160219
Rising PE:Malware.Generic(Thunder)!1.A1C4 [F] 20160218
SUPERAntiSpyware Trojan.Agent/Gen-AutoRun 20160219
Sophos Mal/Bredo-S 20160219
Symantec Trojan.Gen 20160218
Tencent Win32.Trojan.Inject.Auto 20160219
TheHacker Trojan/AutoRun.Spy.Banker.m 20160217
TotalDefense Win32/Cridex.CS 20160218
TrendMicro WORM_CRIDEX.C 20160219
TrendMicro-HouseCall WORM_CRIDEX.C 20160219
VBA32 Trojan.Agent 20160218
VIPRE Trojan.Win32.Generic!BT 20160219
ViRobot Trojan.Win32.Agent.64512.AQ[h] 20160219
Zillya Worm.AutoRun.Win32.64129 20160218
nProtect Trojan/W32.Agent.64512.WF 20160218
Alibaba 20160219
ByteHero 20160219
Zoner 20160219
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-02-27 23:56:08
Entry Point 0x00003370
Number of sections 4
PE sections
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2012:02:28 00:56:08+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
48128

LinkerVersion
8.0

EntryPoint
0x3370

InitializedDataSize
80384

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 76b2a3832ce39f81887fc3375af60fc5
SHA1 ad72776daa1cebffd3c52c4e6920c441cbe8a6f5
SHA256 9d3ddb1eeba08704e844e916b13e7a862ca12a12b22bb12ac14bb6ef4f04e032
ssdeep
1536:r79NzmMKOsruEhjlsCuLp21sW2VzetvIqi:7KOw1l2U92petxi

authentihash e603d1eed2f1ef759f134d6ce177446a23d0461db8520a6ddd17bc65dfa059bc
File size 63.0 KB ( 64512 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags
peexe

VirusTotal metadata
First submission 2012-06-27 17:43:20 UTC ( 4 years, 1 month ago )
Last submission 2016-02-05 17:37:25 UTC ( 6 months, 3 weeks ago )
File names KB00933303.exe
76b2a3832ce39f81887fc3375af60fc5
9d3ddb1eeba08704e844e916b13e7a862ca12a12b22bb12ac14bb6ef4f04e032
KB00714509.exe
sample_ad72776daa1cebffd3c52c4e6920c441cbe8a6f5
output.1774585.txt
output.1737918.txt
1689.exe
1689.exe
1774585
1737918
1689.exe
76b2a3832ce39f81887fc3375af60fc5.exe
76B2A3832CE39F81887FC3375AF60FC5.bin
KB00991020.exe
1689.exe-LvmKz8
KB00149503.exe
KB00544284.exe
9d3ddb1eeba08704e844e916b13e7a862ca12a12b22bb12ac14bb6ef4f04e032.bin
1689.exe
file-4187700_exe
virus.win32.trojan.crypt.xpack.gen.1689.exe
76B2A3832CE39F81887FC3375AF60FC5.EXE
test.txt
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!