SHA256: a4853d532c97bf2915f515ccc5b6b811e126a6a2d0cf6edacb49c4eaed132802
File name: 74f8b230f44bb988a4ac6dea5bdf2bf0
Detection ratio: 33 / 46
Analysis date: 2013-10-30 02:16:31 UTC ( 5 years, 3 months ago )
Antivirus Result Update
Yandex Trojan.Injector!QbqRPO/1y/k 20131029
AhnLab-V3 Trojan/Win32.Blocker 20131029
AntiVir TR/Dropper.Gen 20131030
Avast Win32:Downloader-HZB [Trj] 20131030
AVG PSW.Generic8.CGFH 20131029
BitDefender Gen:Trojan.Heur2.FU.jCW@a8FRyzdi 20131030
Commtouch W32/CeeInject.AE.gen!Eldorado 20131030
Comodo UnclassifiedMalware 20131029
DrWeb Trojan.Packed.21727 20131030
Emsisoft Gen:Trojan.Heur2.FU.jCW@a8FRyzdi (B) 20131030
ESET-NOD32 a variant of Win32/Injector.KOY 20131030
F-Prot W32/CeeInject.AE.gen!Eldorado 20131030
GData Gen:Trojan.Heur2.FU.jCW@a8FRyzdi 20131030
Ikarus Virus.Win32.CeeInject 20131030
Jiangmin Trojan/Generic.lupm 20131029
K7AntiVirus Riskware 20131029
K7GW Backdoor 20131029
Kaspersky Trojan-Ransom.Win32.Blocker.adwl 20131030
Kingsoft Win32.Troj.Undef.(kcloud) 20130829
Malwarebytes Trojan.Agent 20131030
McAfee Spy-Agent.fv 20131030
McAfee-GW-Edition Spy-Agent.fv 20131029
Microsoft VirTool:Win32/CeeInject.gen!EC 20131030
eScan Gen:Trojan.Heur2.FU.jCW@a8FRyzdi 20131028
Norman FakeAlert.CKCT 20131029
Panda Generic Trojan 20131029
Sophos AV Mal/EncPk-ZS 20131030
SUPERAntiSpyware Trojan.Agent/Gen-Injector 20131030
Symantec Trojan.Gen 20131030
TheHacker Trojan/Injector.koy 20131029
TrendMicro-HouseCall HV_CEEINJECT_CA223583.TOMC 20131030
VBA32 Hoax.Blocker 20131029
VIPRE Trojan.Win32.Ceeinject.a (v) 20131030
Antiy-AVL 20131029
Baidu-International 20131029
Bkav 20131029
ByteHero 20131028
CAT-QuickHeal 20131029
ClamAV 20131029
Fortinet 20131030
NANO-Antivirus 20131029
nProtect 20131029
Rising 20131029
TotalDefense 20131029
TrendMicro 20131030
ViRobot 20131029
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-06-18 15:13:14
Entry Point 0x00007B58
Number of sections 7
PE sections
PE imports
HeapSize
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
GetModuleFileNameW
HeapDestroy
VirtualProtect
IsDebuggerPresent
ExitProcess
TlsAlloc
GetOEMCP
GetEnvironmentStringsW
GetLocaleInfoW
GetModuleFileNameA
RtlUnwind
IsProcessorFeaturePresent
HeapSetInformation
GetCurrentProcess
SetConsoleCtrlHandler
GetCurrentProcessId
GetCPInfo
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetStartupInfoW
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
EncodePointer
GetCurrentThread
WideCharToMultiByte
LoadLibraryW
TlsFree
DeleteCriticalSection
InterlockedExchange
SetUnhandledExceptionFilter
WriteFile
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
DecodePointer
GetModuleHandleW
FreeLibrary
TerminateProcess
QueryPerformanceCounter
IsValidCodePage
HeapCreate
GetStringTypeW
FatalAppExitA
TlsGetValue
Sleep
GetFileType
GetTickCount
TlsSetValue
HeapAlloc
GetCurrentThreadId
LeaveCriticalSection
SetLastError
InterlockedIncrement
gethostbyname
Number of PE resources by type
ANUVKOA9 2
RT_ICON 2
RT_MANIFEST 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 5
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2011:06:18 16:13:14+01:00
FileType Win32 EXE
PEType PE32
CodeSize 45568
LinkerVersion 10.0
EntryPoint 0x7b58
InitializedDataSize 114176
SubsystemVersion 5.1
ImageVersion 0.0
OSVersion 5.1
UninitializedDataSize 0

File identification
MD5 74f8b230f44bb988a4ac6dea5bdf2bf0
SHA1 21e72acc2fc14aeb06480b446815e81b18bc6353
SHA256 a4853d532c97bf2915f515ccc5b6b811e126a6a2d0cf6edacb49c4eaed132802
ssdeep 3072:yL7LNp+LT9oZ/6J2Y2sUIa7JEpqLret1VnXii5SvxfoM+T/nRuToUTh0l09:yxpS9occTK+6ThX38pdYMsUS
authentihash 55bd015484bc2b9689b29268ec5a5bb0ffc890c70b7fbc0c47377c5e399ee74e
imphash cfe8b288af4f74a254317ab56fefbf8f
File size 157.0 KB ( 160768 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe

VirusTotal metadata
First submission 2013-10-30 02:16:31 UTC ( 5 years, 3 months ago )
Last submission 2013-10-30 02:16:31 UTC ( 5 years, 3 months ago )
File names 74f8b230f44bb988a4ac6dea5bdf2bf0