× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9ff1f9cb91fa190b85cccb9ee81b69370d76305d1af64aa3e4a04fc6db56ba91
File name: malw_8.ex_
Detection ratio: 21 / 40
Analysis date: 2011-05-01 14:21:16 UTC ( 3 years, 2 months ago ) View latest
Antivirus Result Update
AVG Downloader.Generic10.BWWG 20110501
AntiVir TR/Rimecud.A.40 20110501
Antiy-AVL Trojan/Win32.Small.gen 20110501
Avast Win32:Malware-gen 20110501
Avast5 Win32:Malware-gen 20110501
BitDefender Trojan.Generic.5687359 20110501
CAT-QuickHeal Worm.Silly.CF 20110430
DrWeb Trojan.MulDrop1.62271 20110501
F-Secure Trojan.Generic.5687359 20110501
GData Trojan.Generic.5687359 20110501
Ikarus Trojan.Win32.Rimecud 20110501
Jiangmin Trojan/Buzus.txr 20110430
McAfee Artemis!ABA23B3D6A20 20110501
McAfee-GW-Edition Artemis!ABA23B3D6A20 20110430
Microsoft Trojan:Win32/Rimecud 20110501
NOD32 Win32/Bflient.K 20110501
Norman W32/DLoader.AMWUY 20110501
Panda Trj/CI.A 20110501
TheHacker Trojan/Bflient.k 20110430
VIPRE Trojan.Win32.Generic!BT 20110501
VirusBuster Trojan.Rimecud!TL2B/RQXrd4 20110430
AhnLab-V3 20110430
ClamAV 20110501
Commtouch 20110501
Comodo 20110501
F-Prot 20110501
Fortinet 20110501
K7AntiVirus 20110430
PCTools 20110429
Prevx 20110501
Rising 20110429
SUPERAntiSpyware 20110501
Sophos 20110501
Symantec 20110501
TrendMicro 20110501
TrendMicro-HouseCall 20110501
VBA32 20110429
ViRobot 20110501
eSafe 20110428
eTrust-Vet 20110429
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
Authenticode signature block
Copyright
Copyright (c)1998-2000 Dale Nurden, All Rights Reserved

Publisher Dale Nurden
Product TClockEx
Original name TCLOCKEX.EXE
Internal name TCLOCKEX
File version 1.4.2
Description TClockEx loader
PE header basic information
Number of sections 7
PE sections
PE imports
SelectObject
BitBlt
DeleteObject
CreatePalette
CreateDCA
SelectPalette
RealizePalette
CreateDIBitmap
DeleteDC
CreateCompatibleDC
GetLastError
CloseHandle
CreateMutexA
ContinueDebugEvent
ResumeThread
OutputDebugStringA
OutputDebugStringW
SetThreadContext
GetThreadContext
WaitForDebugEvent
WriteProcessMemory
UnmapViewOfFile
InitializeCriticalSection
FreeConsole
CreateThread
SuspendThread
DebugActiveProcess
SetEnvironmentVariableA
GetCurrentProcessId
MapViewOfFile
DuplicateHandle
GetCurrentProcess
CreateFileMappingA
GetVersionExA
GetProcAddress
LoadLibraryA
GetEnvironmentVariableA
VirtualProtect
VirtualAlloc
SetLastError
ReleaseMutex
WaitForSingleObject
OpenMutexA
SetErrorMode
GetShortPathNameA
GetModuleFileNameA
GetShortPathNameW
GetModuleFileNameW
GlobalUnlock
GlobalLock
GlobalAlloc
WideCharToMultiByte
IsBadReadPtr
GlobalAddAtomA
GlobalAddAtomW
GlobalFree
GlobalGetAtomNameA
GlobalDeleteAtom
GlobalGetAtomNameW
ExitProcess
GetLocalTime
MultiByteToWideChar
SearchPathA
GetTempPathA
GetTempPathW
GetTempFileNameA
GetTempFileNameW
GetWindowsDirectoryA
CreateFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
DeleteFileA
VirtualProtectEx
CreateProcessA
GetStartupInfoA
GetCommandLineA
SetEvent
CreateEventA
GetSystemTimeAsFileTime
GetCurrentThreadId
ReadFile
GetFileSize
CompareStringA
SetEndOfFile
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoW
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetTimeZoneInformation
HeapSize
FreeLibrary
SetConsoleCtrlHandler
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapReAlloc
FatalAppExitA
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
WriteFile
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
CompareStringW
IsValidCodePage
GetOEMCP
GetACP
LCMapStringW
LCMapStringA
GetCPInfo
GetDateFormatA
GetTimeFormatA
GetProcessHeap
HeapAlloc
HeapFree
IsDebuggerPresent
SetUnhandledExceptionFilter
EnterCriticalSection
ReadProcessMemory
LeaveCriticalSection
GetExitCodeProcess
GetCurrentThread
SetThreadPriority
Sleep
GetTickCount
VirtualQueryEx
MoveFileA
GetModuleHandleA
UnhandledExceptionFilter
TerminateProcess
RaiseException
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
DeleteCriticalSection
InterlockedCompareExchange
GetFileAttributesA
GetFileAttributesW
GetFileAttributesExW
CreateFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFileAttributesExA
GetCurrentDirectoryA
SetCurrentDirectoryA
FindClose
GetFileTime
SetFileTime
GetDiskFreeSpaceExW
GetFullPathNameW
RemoveDirectoryW
DeleteFileW
CreateDirectoryW
CreateHardLinkW
GetDiskFreeSpaceExA
GetFullPathNameA
RemoveDirectoryA
CreateDirectoryA
CreateHardLinkA
MoveFileW
CopyFileW
CopyFileA
GetFileInformationByHandle
FindFirstFileW
FindNextFileW
FindFirstFileA
FindNextFileA
LocalFree
FormatMessageA
RtlUnwind
CreateWindowExA
MessageBoxA
DispatchMessageA
BeginPaint
EndPaint
KillTimer
GetAsyncKeyState
DefDlgProcA
DrawTextA
CreateDialogParamA
RegisterClassExA
DialogBoxParamA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
CreateDialogIndirectParamA
ShowWindow
UpdateWindow
InSendMessage
UnpackDDElParam
FreeDDElParam
DefWindowProcW
DefWindowProcA
LoadCursorA
RegisterClassW
CreateWindowExW
RegisterClassA
GetDlgItem
GetWindowThreadProcessId
SendMessageW
PeekMessageA
EnumWindows
IsWindowUnicode
PackDDElParam
PostMessageW
PostMessageA
IsWindow
LoadStringA
LoadStringW
FindWindowA
DestroyWindow
GetDesktopWindow
GetSystemMetrics
MoveWindow
SendMessageA
SetPropA
EnumThreadWindows
GetPropA
WaitForInputIdle
SetTimer
GetMessageA
TranslateMessage
GetSaveFileNameA
GetOpenFileNameA
File identification
MD5 aba23b3d6a205ac55b3141e8c3d21c20
SHA1 cc61a8c4e6e227e412db93c56e5a6ba833fb6b94
SHA256 9ff1f9cb91fa190b85cccb9ee81b69370d76305d1af64aa3e4a04fc6db56ba91
ssdeep
24576:nfYHL8RjeqmGqXCgZ2nbATEYBO6iLSAqMkACAq7bF3Em:n+DGqXYnbATi6iLnrkACPp3Em

File size 1.4 MB ( 1499136 bytes )
File type Win32 EXE
Magic literal

TrID Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
VirusTotal metadata
First submission 2011-05-01 14:21:16 UTC ( 3 years, 2 months ago )
Last submission 2011-05-03 03:28:25 UTC ( 3 years, 2 months ago )
File names aba23b3d6a205ac55b3141e8c3d21c20
malw_8.ex_
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!