SHA256: 9e49807c60518ae4b16db7552a0cc31940bddf23f8a6a2bc9e43ba5f831fe7f5
File name: Shortcut
Detection ratio: 40 / 49
Analysis date: 2014-02-23 04:09:16 UTC ( 1 month, 3 weeks ago )
Antivirus Result Update
AVG Downloader.Generic13.BNPI 20140223
Ad-Aware Trojan.GenericKD.1325753 20140223
Agnitum Trojan.Yakes!SzHWZVHR6lU 20140223
AhnLab-V3 Trojan/Win32.Tofsee 20140222
AntiVir TR/Dldr.Tofsee.D.72 20140222
Antiy-AVL Trojan/Win32.Yakes 20140219
Avast Win32:Dropper-gen [Drp] 20140223
Baidu-International Trojan.Win32.Yakes.AQW 20140222
BitDefender Trojan.GenericKD.1325753 20140223
Bkav W32.Clodca9.Trojan.738e 20140222
CAT-QuickHeal TrojanDownloader.Tofsee 20140222
Commtouch W32/Trojan.PDPV-2040 20140223
Comodo TrojWare.Win32.UMal.~A 20140223
DrWeb Trojan.DownLoad3.21597 20140223
ESET-NOD32 a variant of Win32/Kryptik.BMEJ 20140222
Emsisoft Trojan.GenericKD.1325753 (B) 20140223
F-Secure Trojan.GenericKD.1325753 20140223
Fortinet W32/Zbot.FG!tr 20140222
GData Trojan.GenericKD.1325753 20140223
Ikarus Trojan-Downloader.Win32.Tofsee 20140222
K7AntiVirus Riskware ( 0040eff71 ) 20140221
K7GW Riskware ( 0040eff71 ) 20140220
Kaspersky Trojan.Win32.Yakes.didb 20140222
Kingsoft Win32.Troj.Yakes.di.(kcloud) 20140223
Malwarebytes Malware.Packer.DL 20140223
McAfee ZeroAccess-FET!ADC9CAFBD4E2 20140223
McAfee-GW-Edition Heuristic.LooksLike.Win32.Suspicious.J!89 20140222
MicroWorld-eScan Trojan.GenericKD.1325753 20140223
Microsoft TrojanDownloader:Win32/Tofsee.D 20140223
Norman Kryptik.CCGB 20140222
Panda Generic Malware 20140222
Sophos Mal/Generic-S 20140223
Symantec Trojan.Gen 20140223
TheHacker Trojan/Kryptik.bmej 20140222
TotalDefense Win32/Tofsee.PWOfKQB 20140222
TrendMicro TROJ_SPNV.05J013 20140223
TrendMicro-HouseCall TROJ_SPNV.05J013 20140223
VBA32 BScope.Malware-Cryptor.LE 20140221
VIPRE Trojan.Win32.ZAccess.a!ag (v) 20140223
nProtect Trojan.GenericKD.1325753 20140223
ByteHero 20140223
CMC 20140220
ClamAV 20140222
F-Prot 20140223
Jiangmin 20140222
NANO-Antivirus 20140222
Qihoo-360 20140220
Rising 20140222
SUPERAntiSpyware 20140222
ViRobot 20140222
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Copyright
Copyright ©2000-2003 Marty List, www.OptimumX.com

Publisher Optimum X
Product Optimum X Shortcut
Original name Shortcut.exe
Internal name Shortcut
File version 1.10
Description Creates, modifies or queries Windows shell links (shortcuts)
Comments Creates, modifies or queries Windows shell links (shortcuts)
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-10-08 15:19:29
Link date 4:19 PM 10/8/2013
Entry Point 0x000017E0
Number of sections 7
PE sections
PE imports
RegOpenKeyExW
GetOpenFileNameA
GetDriveTypeW
ReleaseMutex
FileTimeToSystemTime
GetOverlappedResult
WaitForSingleObject
LockResource
HeapDestroy
DebugBreak
EnumUILanguagesW
GetFileAttributesW
SystemTimeToTzSpecificLocalTime
DeleteCriticalSection
GetCurrentProcess
LocalAlloc
MapViewOfFileEx
UnhandledExceptionFilter
OpenFileMappingA
SetErrorMode
lstrcatW
GetLocaleInfoW
EnumResourceLanguagesW
WideCharToMultiByte
GetDiskFreeSpaceW
WriteFile
FormatMessageW
GetSystemTimeAsFileTime
SetEvent
LocalFree
GetProfileIntW
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
InterlockedDecrement
MoveFileW
GetFullPathNameW
SetLastError
GetUserDefaultUILanguage
DeviceIoControl
CopyFileW
OutputDebugStringW
GetModuleFileNameW
HeapAlloc
lstrcmpiW
SetThreadPriority
GetVolumeInformationW
LoadLibraryExW
MultiByteToWideChar
SetFilePointerEx
FlushInstructionCache
GetPrivateProfileStringW
SetFilePointer
SetFileAttributesW
CreateThread
SetEnvironmentVariableW
GetExitCodeThread
SetUnhandledExceptionFilter
CreateMutexW
GetVolumeNameForVolumeMountPointW
TerminateProcess
GlobalAlloc
GetDiskFreeSpaceExW
SetEndOfFile
GetVersion
LeaveCriticalSection
GetNumberFormatW
MulDiv
HeapFree
EnterCriticalSection
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
IsBadWritePtr
VirtualProtect
LoadLibraryA
GlobalSize
GetStartupInfoA
GetFileSize
GetDateFormatW
SetThreadExecutionState
CreateDirectoryW
DeleteFileW
GetUserDefaultLCID
GetPrivateProfileIntW
GetProcessHeap
GetTempFileNameW
CreateFileMappingW
GetTimeFormatW
lstrcpyW
GetFileSizeEx
RemoveDirectoryW
ExpandEnvironmentStringsW
FindNextFileW
ResetEvent
CreateFileMappingA
FindFirstFileW
lstrcmpW
WaitForMultipleObjects
GetProcAddress
SleepEx
CreateEventW
ReadDirectoryChangesW
CreateFileW
CreateFileA
GetCurrentThreadId
InterlockedIncrement
GetLastError
GetShortPathNameW
UnmapViewOfFile
lstrlenA
GlobalFree
FindResourceW
CompareStringW
GetThreadLocale
GlobalUnlock
VirtualQuery
lstrlenW
WinExec
GetQueuedCompletionStatus
SizeofResource
CompareFileTime
GetCurrentProcessId
CreateIoCompletionPort
GetCommandLineW
GetCurrentThread
lstrcpynW
MapViewOfFile
GetModuleHandleA
ReadFile
CloseHandle
lstrcpynA
GetACP
GlobalLock
GetModuleHandleW
FreeResource
GetFileAttributesExW
GetLongPathNameW
HeapCreate
GetTempPathW
PostQueuedCompletionStatus
VirtualFree
Sleep
IsBadReadPtr
VirtualAlloc
ShowWindow
GetSystemMetrics
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 3
ExifTool file metadata
SubsystemVersion 5.0
Comments Creates, modifies or queries Windows shell links (shortcuts)
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.10.0.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Creates, modifies or queries Windows shell links (shortcuts)
CharacterSet Unicode
InitializedDataSize 63488
FileOS Windows 32-bit
PoweredBy Dream Theater
MIMEType application/octet-stream
LegalCopyright Copyright 2000-2003 Marty List, www.OptimumX.com
FileVersion 1.1
TimeStamp 2013:10:08 16:19:29+01:00
FileType Win32 EXE
PEType PE32
InternalName Shortcut
FileAccessDate 2014:02:23 05:03:28+01:00
ProductVersion 1.1
UninitializedDataSize 0
OSVersion 5.0
FileCreateDate 2014:02:23 05:03:28+01:00
OriginalFilename Shortcut.exe
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Optimum X
CodeSize 105472
ProductName Optimum X Shortcut
ProductVersionNumber 1.10.0.0
EntryPoint 0x17e0
ObjectFileType Executable application

File identification
MD5 adc9cafbd4e2aa91e4aa75e10a948213
SHA1 fc8bb27d7257cbbf6275d5eb741b4b6000d27e8f
SHA256 9e49807c60518ae4b16db7552a0cc31940bddf23f8a6a2bc9e43ba5f831fe7f5
ssdeep 384:x6GE9sIOHnlC9cNcdf1JWI7VucTzcNUhQOt7HW78ZjkFh:xTIOFC9ciAIcYoShTra8ZjW
imphash 47a89b86d4bf4ef121d4ccbee7ba2459
File size 166.0 KB ( 169984 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe
VirusTotal metadata
First submission 2013-10-08 15:55:03 UTC ( 6 months, 1 week ago )
Last submission 2013-11-16 19:45:31 UTC ( 5 months ago )
File names YouWhoreTIFF-fb.com
YouBitchTIFF-fb.com
output.15906448.txt
Shortcut.exe
437d31e550038721955598bc398038f38495bda9
vti-rescan
Shortcut
IamLolJPEG-facebook.com
fc8bb27d7257cbbf6275d5eb741b4b6000d27e8f_dlimage11.ex
IamNakedJPEG-fb
YouBitchTIFF-fb.com.exe
MeNiceJPG-fb.com
15906448
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight