× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9d3ddb1eeba08704e844e916b13e7a862ca12a12b22bb12ac14bb6ef4f04e032
File name: 1689.exe
Detection ratio: 51 / 56
Analysis date: 2014-12-13 10:30:21 UTC ( 5 months, 1 week ago )
Antivirus Result Update
ALYac MemScan:Trojan.Agent.AVTA 20141213
AVG Agent3.CEJL 20141213
AVware Trojan.Win32.Generic!BT 20141213
Ad-Aware MemScan:Trojan.Agent.AVTA 20141213
Agnitum Worm.AutoRun!gQBuVWIa8M8 20141212
AhnLab-V3 Trojan/Win32.HDC 20141212
Antiy-AVL Trojan/Win32.Agent 20141212
Avast Win32:Cridex-E [Wrm] 20141213
Avira TR/Crypt.XPACK.Gen 20141213
Baidu-International Trojan.Win32.Agent.aH 20141213
BitDefender MemScan:Trojan.Agent.AVTA 20141213
Bkav W32.Bakecom.Trojan 20141212
CMC Trojan.Win32.Agent!O 20141212
ClamAV WIN.Trojan.Agent-49162 20141212
Comodo UnclassifiedMalware 20141213
Cyren W32/Agent.CC.gen!Eldorado 20141213
DrWeb Trojan.Necurs.20 20141213
ESET-NOD32 Win32/AutoRun.Spy.Banker.M 20141213
Emsisoft MemScan:Trojan.Agent.AVTA (B) 20141213
F-Prot W32/Agent.CC.gen!Eldorado 20141213
F-Secure MemScan:Trojan.Agent.AVTA 20141213
Fortinet W32/Cidex.QT!tr 20141213
GData MemScan:Trojan.Agent.AVTA 20141213
Ikarus Worm.Win32.Cridex 20141213
Jiangmin Trojan/Generic.uznp 20141212
K7AntiVirus Trojan ( 003ea65c1 ) 20141212
K7GW Trojan ( 003ea65c1 ) 20141213
Kaspersky Trojan.Win32.Agent.ubqy 20141213
Kingsoft Win32.Troj.Undef.(kcloud) 20141213
Malwarebytes Trojan.Agent 20141213
McAfee PWS-Zbot 20141213
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.kh 20141213
MicroWorld-eScan MemScan:Trojan.Agent.AVTA 20141213
Microsoft Worm:Win32/Cridex.B 20141213
NANO-Antivirus Trojan.Win32.Necurs.bbuime 20141213
Norman Troj_Generic.CPCBP 20141213
Panda Generic Malware 20141213
Qihoo-360 Malware.Radar01.Gen 20141213
SUPERAntiSpyware Trojan.Agent/Gen-AutoRun 20141213
Sophos Mal/Bredo-S 20141213
Symantec Trojan.Gen 20141213
Tencent Win32.Trojan.Agent.Ajbu 20141213
TheHacker Trojan/AutoRun.Spy.Banker.m 20141212
TotalDefense Win32/Cridex.CS 20141212
TrendMicro WORM_CRIDEX.C 20141213
TrendMicro-HouseCall WORM_CRIDEX.C 20141213
VBA32 Trojan.Agent 20141212
VIPRE Trojan.Win32.Generic!BT 20141213
ViRobot Trojan.Win32.Agent.64512.AQ[h] 20141213
Zillya Worm.AutoRun.Win32.64129 20141212
nProtect Trojan/W32.Agent.64512.WF 20141212
AegisLab 20141213
ByteHero 20141213
CAT-QuickHeal 20141212
Rising 20141212
Zoner 20141210
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-02-27 23:56:08
Link date 12:56 AM 2/28/2012
Entry Point 0x00003370
Number of sections 4
PE sections
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2012:02:28 00:56:08+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
48128

LinkerVersion
8.0

FileAccessDate
2014:12:13 11:31:33+01:00

EntryPoint
0x3370

InitializedDataSize
80384

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

FileCreateDate
2014:12:13 11:31:33+01:00

UninitializedDataSize
0

File identification
MD5 76b2a3832ce39f81887fc3375af60fc5
SHA1 ad72776daa1cebffd3c52c4e6920c441cbe8a6f5
SHA256 9d3ddb1eeba08704e844e916b13e7a862ca12a12b22bb12ac14bb6ef4f04e032
ssdeep
1536:r79NzmMKOsruEhjlsCuLp21sW2VzetvIqi:7KOw1l2U92petxi

authentihash e603d1eed2f1ef759f134d6ce177446a23d0461db8520a6ddd17bc65dfa059bc
File size 63.0 KB ( 64512 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe

VirusTotal metadata
First submission 2012-06-27 17:43:20 UTC ( 2 years, 10 months ago )
Last submission 2014-12-13 10:30:21 UTC ( 5 months, 1 week ago )
File names KB00933303.exe
76b2a3832ce39f81887fc3375af60fc5
9d3ddb1eeba08704e844e916b13e7a862ca12a12b22bb12ac14bb6ef4f04e032
KB00714509.exe
sample_ad72776daa1cebffd3c52c4e6920c441cbe8a6f5
output.1774585.txt
output.1737918.txt
1689.exe
1689.exe
1774585
1737918
1689.exe
76b2a3832ce39f81887fc3375af60fc5.exe
76B2A3832CE39F81887FC3375AF60FC5.bin
1689.exe-LvmKz8
KB00149503.exe
KB00544284.exe
9d3ddb1eeba08704e844e916b13e7a862ca12a12b22bb12ac14bb6ef4f04e032.bin
1689.exe
file-4187700_exe
76B2A3832CE39F81887FC3375AF60FC5.EXE
test.txt
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!