SHA256: a3f31216ce813cafc0288bd53bcdd68919f87e6f3ff354e40c1ea4169ef3183a
File name: Aqv6.exe
Detection ratio: 10 / 68
Analysis date: 2017-11-16 13:47:16 UTC ( 1 year, 2 months ago )
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9905 20171116
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20171016
Cylance Unsafe 20171116
Endgame malicious (high confidence) 20171024
Fortinet W32/GenKryptik.BCDU!tr 20171116
Sophos ML heuristic 20170914
Palo Alto Networks (Known Signatures) generic.ml 20171116
Qihoo-360 HEUR/QVM20.1.39D5.Malware.Gen 20171116
SentinelOne (Static ML) static engine - malicious 20171113
WhiteArmor Malware.HighConfidence 20171104
Ad-Aware 20171116
AegisLab 20171116
AhnLab-V3 20171116
Alibaba 20170911
ALYac 20171116
Antiy-AVL 20171116
Arcabit 20171116
Avast 20171116
Avast-Mobile 20171116
AVG 20171116
Avira (no cloud) 20171116
AVware 20171116
BitDefender 20171116
Bkav 20171116
CAT-QuickHeal 20171116
ClamAV 20171115
CMC 20171109
Comodo 20171116
Cybereason 20171103
Cyren 20171116
DrWeb 20171116
eGambit 20171116
Emsisoft 20171116
ESET-NOD32 20171116
F-Prot 20171116
F-Secure 20171116
GData 20171116
Ikarus 20171116
Jiangmin 20171116
K7AntiVirus 20171116
K7GW 20171116
Kaspersky 20171116
Kingsoft 20171116
Malwarebytes 20171116
MAX 20171116
McAfee 20171116
McAfee-GW-Edition 20171116
Microsoft 20171116
eScan 20171116
NANO-Antivirus 20171116
nProtect 20171116
Panda 20171116
Rising 20171116
Sophos AV 20171116
SUPERAntiSpyware 20171116
Symantec 20171116
Symantec Mobile Insight 20171116
Tencent 20171116
TheHacker 20171112
TotalDefense 20171116
TrendMicro 20171116
TrendMicro-HouseCall 20171116
Trustlook 20171116
VBA32 20171116
VIPRE 20171116
ViRobot 20171116
Webroot 20171116
Yandex 20171116
Zillya 20171115
ZoneAlarm by Check Point 20171116
Zoner 20171116
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-07-05 05:03:18
Entry Point 0x0000D180
Number of sections 4
PE sections
PE imports
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
InitCommonControlsEx
GetLastError
HeapFree
GetStdHandle
EnterCriticalSection
SetHandleCount
lstrlenA
lstrcmpiA
GetOEMCP
HeapDestroy
HeapAlloc
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetEnvironmentStrings
lstrcatA
WideCharToMultiByte
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
SetStdHandle
SetFilePointer
GetTempPathA
GetCPInfo
GetModuleHandleA
lstrcmpA
WriteFile
GetCurrentProcess
CloseHandle
GetACP
GetVersion
TerminateProcess
InitializeCriticalSection
HeapCreate
VirtualFree
TlsGetValue
GetFileType
TlsSetValue
CreateFileA
ExitProcess
GetCurrentThreadId
VirtualAlloc
SetLastError
LeaveCriticalSection
SetFocus
GetMessageA
UpdateWindow
EndDialog
BeginPaint
PostQuitMessage
DefWindowProcA
FindWindowA
SetWindowPos
GetWindowRect
DispatchMessageA
EndPaint
MoveWindow
WindowFromPoint
TranslateMessage
DialogBoxParamA
GetScrollInfo
RegisterClassExA
ReleaseDC
LoadStringA
ShowWindow
SendMessageA
GetClientRect
CreateWindowExA
LoadAcceleratorsA
wsprintfA
SetTimer
LoadCursorA
LoadIconA
TranslateAcceleratorA
GetDesktopWindow
DestroyWindow
Number of PE resources by type
RT_BITMAP 3
RT_DIALOG 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
FINNISH DEFAULT 6
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
48.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
3.11.9.1

LanguageCode
Unknown (305C)

FileFlagsMask
0x0000

FileDescription
Bigdate Ltd. Gui application

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unknown (5860)

InitializedDataSize
315392

EntryPoint
0xd180

OriginalFileName
Bigdate

MIMEType
application/octet-stream

FileVersion
3.11.9.1

TimeStamp
2015:07:05 06:03:18+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
3.11.9.1

SubsystemVersion
5.1

OSVersion
5.1

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Bigdate Ltd.

CodeSize
142336

ProductName
Bigdate GUI

ProductVersionNumber
3.11.9.1

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 0f3b74c94f1b8e53f993fa24a283df86
SHA1 5b250a6b1a12c76a176f3f0c2ba9d7ff3983ef1e
SHA256 a3f31216ce813cafc0288bd53bcdd68919f87e6f3ff354e40c1ea4169ef3183a
ssdeep 6144:3R32Ri+JmO42xDBrpqJOOt2HpEbnabicvhGSjKZNkcPbWSEI:3IRjJmOvBk+inabFZxjKcObWSEI

authentihash 8d1cfc10aaf19804831cea1b5768a9744b8ef7236d88ac60751082abf58a533e
imphash ec76e0c05a066711ed9034f33f13036b
File size 440.0 KB ( 450560 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags peexe

VirusTotal metadata
First submission 2017-11-16 13:47:16 UTC ( 1 year, 2 months ago )
Last submission 2017-12-17 12:30:35 UTC ( 1 year, 1 month ago )
File names 0f3b74c94f1b8e53f993fa24a283df86.exe
sfr.png.exe
ser.png
jfdadhsrfepk.exe
ser.png.exe
0f3b74c94f1b8e53f993fa24a283df86_exe
Aqv6.exe
iecacgsredpj.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Opened mutexes
Searched windows
Runtime DLLs
UDP communications