SHA256: 9d3fac012d1f7a6cf3c7c381e6ef4b2c73d4d8d5a3f6a597d2b2837e115c90a0
File name: hack_facebook_pro_v6.9.exe
Detection ratio: 50 / 68
Analysis date: 2018-07-23 10:45:47 UTC ( 4 months, 3 weeks ago )
Antivirus Result Update
AegisLab Trojan.Multi.Generic.4!c 20180723
AhnLab-V3 Trojan/Win32.Breut.C230199 20180723
Antiy-AVL Trojan/Win32.Genome 20180723
Arcabit Trojan.Kazy.DD6E1 20180723
Avast Win32:Malware-gen 20180723
AVG Win32:Malware-gen 20180723
Avira (no cloud) BDS/Fynloski.A.12199 20180723
AVware Trojan.Win32.Generic.pak!cobra 20180723
BitDefender Gen:Variant.Kazy.55009 20180723
CAT-QuickHeal Udsdangerousobject.Multi 20180723
ClamAV Win.Trojan.FaceHack-1 20180723
Comodo UnclassifiedMalware 20180723
CrowdStrike Falcon (ML) malicious_confidence_70% (D) 20180530
Cybereason malicious.4f9dcc 20180225
Cylance Unsafe 20180723
Cyren W32/Trojan.YAXB-5063 20180723
DrWeb Trojan.Siggen3.39429 20180723
Emsisoft Gen:Variant.Kazy.55009 (B) 20180723
Endgame malicious (high confidence) 20180711
ESET-NOD32 Win32/Agent.PAB 20180723
Fortinet W32/WBNA.IPA!worm 20180723
GData Gen:Variant.Kazy.55009 20180723
Ikarus Worm.Win32.VBNA 20180723
Sophos ML heuristic 20180717
Jiangmin Trojan/Genome.csmk 20180723
K7AntiVirus Trojan ( 005351d21 ) 20180723
K7GW Trojan ( 005351d21 ) 20180723
Kaspersky UDS:DangerousObject.Multi.Generic 20180723
MAX malware (ai score=100) 20180723
McAfee Generic.dx!229AF3E4F9DC 20180723
McAfee-GW-Edition Generic.dx!229AF3E4F9DC 20180723
Microsoft Trojan:Win32/Vigorf.A 20180723
eScan Gen:Variant.Kazy.55009 20180723
NANO-Antivirus Trojan.Win32.TrjGen.ktouq 20180723
Palo Alto Networks (Known Signatures) generic.ml 20180723
Panda Trj/CI.A 20180722
Qihoo-360 Win32/Trojan.e43 20180723
Rising Trojan.Injector!8.C4 (CLOUD) 20180723
SentinelOne (Static ML) static engine - malicious 20180701
Sophos AV Troj/Agent-UYX 20180723
Symantec Backdoor.Breut 20180723
Tencent Win32.Trojan.Zapchast.Hqby 20180723
TrendMicro BKDR_ZAPCHAST.SG 20180723
TrendMicro-HouseCall BKDR_ZAPCHAST.SG 20180723
VBA32 Trojan.Genome.ae 20180720
VIPRE Trojan.Win32.Generic.pak!cobra 20180723
Webroot W32.Trojan.Gen 20180723
Yandex Trojan.Genome!dAt9gmt+Yuw 20180720
Zillya Trojan.Genome.Win32.155382 20180720
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180723
Ad-Aware 20180723
Alibaba 20180713
ALYac 20180723
Avast-Mobile 20180723
Babable 20180406
Baidu 20180723
Bkav 20180723
CMC 20180723
eGambit 20180723
F-Prot 20180723
F-Secure 20180723
Kingsoft 20180723
Malwarebytes 20180723
SUPERAntiSpyware 20180722
TACHYON 20180723
TheHacker 20180723
TotalDefense 20180722
Trustlook 20180723
ViRobot 20180723
Zoner 20180723
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
F-PROT RAR
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-12-07 06:40:20
Entry Point 0x0000B3C1
Number of sections 5
PE sections
Overlays
MD5 1573e7f3ba3967188a83cf39f7d1c8fc
File type application/x-rar
Offset 194560
Size 265388
Entropy 8.00
PE imports
RegCreateKeyExW
RegCloseKey
OpenProcessToken
RegSetValueExW
RegOpenKeyExW
SetFileSecurityW
AdjustTokenPrivileges
LookupPrivilegeValueW
SetFileSecurityA
RegQueryValueExW
InitCommonControlsEx
GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW
GetDeviceCaps
DeleteDC
SelectObject
StretchBlt
GetObjectW
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
SetFilePointer
GetSystemTime
GetLastError
HeapFree
GetStdHandle
DosDateTimeToFileTime
ReadFile
FileTimeToSystemTime
GetModuleFileNameW
WaitForSingleObject
GetVersionExW
GetExitCodeProcess
FindNextFileA
CompareStringW
HeapAlloc
SystemTimeToFileTime
IsDBCSLeadByte
GetCommandLineW
GetFileAttributesW
GetCurrentProcess
FileTimeToLocalFileTime
MoveFileW
OpenFileMappingW
SetFileAttributesA
GetDateFormatW
CreateDirectoryA
DeleteFileA
GetCPInfo
ExitProcess
MultiByteToWideChar
SetEnvironmentVariableW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
CreateFileMappingW
GetTimeFormatW
WriteFile
SetFileAttributesW
CloseHandle
WideCharToMultiByte
MapViewOfFile
MoveFileExW
ExpandEnvironmentStringsW
FindNextFileW
SetEndOfFile
GetFileAttributesA
GetTempPathW
FindFirstFileA
FindFirstFileW
HeapReAlloc
GetModuleHandleW
GetFullPathNameA
FreeLibrary
GetCurrentDirectoryW
LoadLibraryW
SetCurrentDirectoryW
UnmapViewOfFile
FindResourceW
CreateFileW
GlobalAlloc
LocalFileTimeToFileTime
FindClose
Sleep
GetFileType
GetFullPathNameW
SetFileTime
CreateFileA
GetTickCount
GetLocaleInfoW
GetNumberFormatW
SetLastError
CompareStringA
VariantInit
SHBrowseForFolderW
SHChangeNotify
SHFileOperationW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetFileInfoW
SHGetMalloc
SHAutoComplete
SetFocus
MapWindowPoints
GetParent
UpdateWindow
EndDialog
LoadBitmapW
DefWindowProcW
GetWindowTextW
GetMessageW
ShowWindow
GetSystemMetrics
SetWindowPos
wvsprintfW
CharToOemBuffA
SetWindowLongW
IsWindow
SendMessageW
GetWindowRect
RegisterClassExW
CharUpperW
DialogBoxParamW
CharToOemBuffW
wvsprintfA
SendDlgItemMessageW
GetDlgItemTextW
PostMessageW
GetSysColor
SetDlgItemTextW
GetDC
ReleaseDC
DestroyIcon
TranslateMessage
IsWindowVisible
LoadStringW
SetWindowTextW
GetDlgItem
GetWindow
MessageBoxW
DispatchMessageW
GetClassNameW
PeekMessageW
CharUpperA
GetClientRect
OemToCharA
EnableWindow
CopyRect
WaitForInputIdle
OemToCharBuffA
LoadCursorW
LoadIconW
FindWindowExW
CreateWindowExW
GetWindowLongW
SetForegroundWindow
DestroyWindow
CharToOemA
CreateStreamOnHGlobal
OleUninitialize
CoCreateInstance
OleInitialize
CLSIDFromString
Number of PE resources by type
RT_DIALOG 6
RT_STRING 6
RT_ICON 5
RT_MANIFEST 1
RT_BITMAP 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 14
NEUTRAL DEFAULT 6
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2011:12:07 07:40:20+01:00
FileType Win32 EXE
PEType PE32
CodeSize 72704
LinkerVersion 9.0
EntryPoint 0xb3c1
InitializedDataSize 120832
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0

File identification
MD5 229af3e4f9dccc0497e7546c09790d50
SHA1 5a35ec46be8f551ed572ab2fb675f7c09ae7beaf
SHA256 9d3fac012d1f7a6cf3c7c381e6ef4b2c73d4d8d5a3f6a597d2b2837e115c90a0
ssdeep 12288:gxaVAh64U5lygx6Ep8wSMvKviU8rxEAxDUtsT8:gxaVxr5BwE9B9C28T
authentihash 909bd6d6d4d24bded9938926478482fd8745e62975c63f8b5c54b4bc26de677b
imphash 2b8c9d9ab6fefc247adaf927e83dcea6
File size 449.2 KB ( 459948 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID WinRAR Self Extracting archive (4.x-5.x) (91.4%)
Win32 Executable MS Visual C++ (generic) (3.4%)
Win64 Executable (generic) (3.0%)
Win32 Dynamic Link Library (generic) (0.7%)
Win32 Executable (generic) (0.5%)
Tags peexe overlay
VirusTotal metadata
First submission 2012-02-06 19:03:28 UTC ( 6 years, 10 months ago )
Last submission 2017-12-30 19:31:43 UTC ( 11 months, 2 weeks ago )
File names hack_facebook_pro_v6.9.exe
229af3e4f9dccc0497e7546c09790d50.vxe
0534
9d3fac012d1f7a6cf3c7c381e6ef4b2c73d4d8d5a3f6a597d2b2837e115c90a0.log
8_NOT_DETECTED.exe
hack_facebook_pro_v6.9.bin
hack_facebook_pro_v6.9.exe
axe
8a3f2dba-1dd1-4086-9fba-f44af57b4c19
bad.exe
229af3e4f9dccc0497e7546c09790d50.exe
file-3830615_
5a35ec46be8f551ed572ab2fb675f7c09ae7beaf.bin
229af3e4f9dccc0497e7546c09790d50
229af3e4f9dccc0497e7546c09790d50.virobj
dee536a4-50de-4dc1-87e4-b4aca997a773
Advanced heuristic and reputation engines