SHA256: 9e49807c60518ae4b16db7552a0cc31940bddf23f8a6a2bc9e43ba5f831fe7f5
File name: Shortcut
Detection ratio: 40 / 56
Analysis date: 2015-10-26 21:22:33 UTC ( 8 months ago )
Antivirus Result Update
ALYac Gen:Variant.Kazy.262641 20151027
AVG Downloader.Generic13.BNPI 20151026
AVware Trojan.Win32.ZAccess.a!ag (v) 20151026
Ad-Aware Gen:Variant.Kazy.262641 20151027
Yandex Trojan.Yakes!SzHWZVHR6lU 20151026
AhnLab-V3 Trojan/Win32.Tofsee 20151026
Antiy-AVL Trojan/Win32.Yakes 20151027
Arcabit Trojan.Kazy.D401F1 20151027
Avast Win32:Kryptik-NTE [Trj] 20151027
Avira (no cloud) TR/Dldr.Tofsee.D.72 20151027
Baidu-International Trojan.Win32.Yakes.didb 20151026
BitDefender Gen:Variant.Kazy.262641 20151027
CAT-QuickHeal TrojanDownloader.Tofsee.r7 20151027
Comodo TrojWare.Win32.UMal.~A 20151027
DrWeb Trojan.DownLoad3.21597 20151027
ESET-NOD32 a variant of Win32/Kryptik.BMEJ 20151027
Emsisoft Gen:Variant.Kazy.262641 (B) 20151027
F-Secure Gen:Variant.Kazy.262641 20151027
Fortinet W32/Zbot.FG!tr 20151026
GData Gen:Variant.Kazy.262641 20151027
Ikarus Trojan-Downloader.Win32.Tofsee 20151027
Kaspersky Trojan.Win32.Yakes.didb 20151027
Malwarebytes Trojan.MalPack.DLR 20151026
McAfee ZeroAccess-FET!ADC9CAFBD4E2 20151027
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.cz 20151027
eScan Gen:Variant.Kazy.262641 20151027
Microsoft TrojanDownloader:Win32/Tofsee.D 20151027
Panda Generic Malware 20151026
Qihoo-360 HEUR/Malware.QVM19.Gen 20151027
Rising PE:Malware.Generic/QRS!1.9E2D [F] 20151026
Sophos Mal/Generic-S 20151027
Symantec Trojan.Gen 20151026
Tencent Trojan.Win32.YY.Gen.4 20151027
TheHacker Trojan/Kryptik.bmej 20151026
TotalDefense Win32/Tofsee.PWOfKQB 20151026
TrendMicro TROJ_SPNV.05J013 20151027
TrendMicro-HouseCall TROJ_SPNV.05J013 20151027
VBA32 BScope.Malware-Cryptor.LE 20151026
VIPRE Trojan.Win32.ZAccess.a!ag (v) 20151027
Zillya Trojan.Yakes.Win32.19348 20151026
AegisLab 20151026
Alibaba 20151026
Bkav 20151026
ByteHero 20151027
CMC 20151026
ClamAV 20151027
Cyren 20151027
F-Prot 20151027
Jiangmin 20151026
K7AntiVirus 20151026
K7GW 20151026
NANO-Antivirus 20151026
SUPERAntiSpyware 20151027
ViRobot 20151026
Zoner 20151026
nProtect 20151026
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright ©2000-2003 Marty List, www.OptimumX.com
Publisher Optimum X
Product Optimum X Shortcut
Original name Shortcut.exe
Internal name Shortcut
File version 1.10
Description Creates, modifies or queries Windows shell links (shortcuts)
Comments Creates, modifies or queries Windows shell links (shortcuts)
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-10-08 15:19:29
Entry Point 0x000017E0
Number of sections 7
PE sections
PE imports
RegOpenKeyExW
GetOpenFileNameA
GetDriveTypeW
ReleaseMutex
FileTimeToSystemTime
GetOverlappedResult
WaitForSingleObject
LockResource
HeapDestroy
DebugBreak
EnumUILanguagesW
GetFileAttributesW
SystemTimeToTzSpecificLocalTime
DeleteCriticalSection
GetCurrentProcess
LocalAlloc
MapViewOfFileEx
UnhandledExceptionFilter
OpenFileMappingA
SetErrorMode
lstrcatW
GetLocaleInfoW
EnumResourceLanguagesW
WideCharToMultiByte
GetDiskFreeSpaceW
WriteFile
FormatMessageW
GetSystemTimeAsFileTime
SetEvent
LocalFree
GetProfileIntW
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
InterlockedDecrement
MoveFileW
GetFullPathNameW
SetLastError
GetUserDefaultUILanguage
DeviceIoControl
CopyFileW
OutputDebugStringW
GetModuleFileNameW
HeapAlloc
lstrcmpiW
SetThreadPriority
GetVolumeInformationW
LoadLibraryExW
MultiByteToWideChar
SetFilePointerEx
FlushInstructionCache
GetPrivateProfileStringW
SetFilePointer
SetFileAttributesW
CreateThread
SetEnvironmentVariableW
GetExitCodeThread
SetUnhandledExceptionFilter
CreateMutexW
GetVolumeNameForVolumeMountPointW
TerminateProcess
GlobalAlloc
GetDiskFreeSpaceExW
SetEndOfFile
GetVersion
LeaveCriticalSection
GetNumberFormatW
MulDiv
HeapFree
EnterCriticalSection
LoadLibraryW
GetVersionExW
FreeLibrary
QueryPerformanceCounter
GetTickCount
IsBadWritePtr
VirtualProtect
LoadLibraryA
GlobalSize
GetStartupInfoA
GetFileSize
GetDateFormatW
SetThreadExecutionState
CreateDirectoryW
DeleteFileW
GetUserDefaultLCID
GetPrivateProfileIntW
GetProcessHeap
GetTempFileNameW
CreateFileMappingW
GetTimeFormatW
lstrcpyW
GetFileSizeEx
RemoveDirectoryW
ExpandEnvironmentStringsW
FindNextFileW
ResetEvent
CreateFileMappingA
FindFirstFileW
lstrcmpW
WaitForMultipleObjects
GetProcAddress
SleepEx
CreateEventW
ReadDirectoryChangesW
CreateFileW
CreateFileA
GetCurrentThreadId
InterlockedIncrement
GetLastError
GetShortPathNameW
UnmapViewOfFile
lstrlenA
GlobalFree
FindResourceW
CompareStringW
GetThreadLocale
GlobalUnlock
VirtualQuery
lstrlenW
WinExec
GetQueuedCompletionStatus
SizeofResource
CompareFileTime
GetCurrentProcessId
CreateIoCompletionPort
GetCommandLineW
GetCurrentThread
lstrcpynW
MapViewOfFile
GetModuleHandleA
ReadFile
CloseHandle
lstrcpynA
GetACP
GlobalLock
GetModuleHandleW
FreeResource
GetFileAttributesExW
GetLongPathNameW
HeapCreate
GetTempPathW
PostQueuedCompletionStatus
VirtualFree
Sleep
IsBadReadPtr
VirtualAlloc
ShowWindow
GetSystemMetrics
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 3
ExifTool file metadata
SubsystemVersion 5.0
Comments Creates, modifies or queries Windows shell links (shortcuts)
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.10.0.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Creates, modifies or queries Windows shell links (shortcuts)
CharacterSet Unicode
InitializedDataSize 63488
PoweredBy Dream Theater
EntryPoint 0x17e0
OriginalFileName Shortcut.exe
MIMEType application/octet-stream
LegalCopyright Copyright 2000-2003 Marty List, www.OptimumX.com
FileVersion 1.1
TimeStamp 2013:10:08 16:19:29+01:00
FileType Win32 EXE
PEType PE32
InternalName Shortcut
ProductVersion 1.1
UninitializedDataSize 0
OSVersion 5.0
FileOS Windows 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Optimum X
CodeSize 105472
ProductName Optimum X Shortcut
ProductVersionNumber 1.10.0.0
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 adc9cafbd4e2aa91e4aa75e10a948213
SHA1 fc8bb27d7257cbbf6275d5eb741b4b6000d27e8f
SHA256 9e49807c60518ae4b16db7552a0cc31940bddf23f8a6a2bc9e43ba5f831fe7f5
ssdeep 384:x6GE9sIOHnlC9cNcdf1JWI7VucTzcNUhQOt7HW78ZjkFh:xTIOFC9ciAIcYoShTra8ZjW
authentihash cd5408b0504e36b51c8f128a24f5f8cbb5ec5e24196989debe7b804d19adc562
imphash 47a89b86d4bf4ef121d4ccbee7ba2459
File size 166.0 KB ( 169984 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe
VirusTotal metadata
First submission 2013-10-08 15:55:03 UTC ( 2 years, 8 months ago )
Last submission 2013-11-16 19:45:31 UTC ( 2 years, 7 months ago )
File names YouWhoreTIFF-fb.com
YouBitchTIFF-fb.com
output.15906448.txt
Shortcut.exe
437d31e550038721955598bc398038f38495bda9
vti-rescan
Shortcut
IamLolJPEG-facebook.com
fc8bb27d7257cbbf6275d5eb741b4b6000d27e8f_dlimage11.ex
IamNakedJPEG-fb
YouBitchTIFF-fb.com.exe
MeNiceJPG-fb.com
15906448
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight