SHA256: aa240ff1ad168cd8ff3f5f43e7b92958d5ee6aac52d9e7f32dcb4af5cacad405
File name: SCAN_129_07082013_18911.exe
Detection ratio: 26 / 47
Analysis date: 2013-07-09 07:45:28 UTC ( 5 years, 10 months ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Inject 20130708
AntiVir TR/Agent.117760.48 20130709
Avast Win32:Dropper-gen [Drp] 20130709
BitDefender Trojan.GenericKD.1097543 20130709
Commtouch W32/Trojan.QKKN-5761 20130709
Comodo UnclassifiedMalware 20130709
DrWeb Trojan.PWS.Stealer.3128 20130709
Emsisoft Trojan.GenericKD.1097543 (B) 20130709
ESET-NOD32 Win32/Kryptik.BFHP 20130708
F-Prot W32/Trojan3.FMT 20130709
F-Secure Trojan.GenericKD.1097543 20130709
Fortinet W32/EncPK.AKE!tr 20130709
GData Trojan.GenericKD.1097543 20130709
Ikarus Win32.SuspectCrc 20130709
Kaspersky Trojan-PSW.Win32.Tepfer.nppd 20130709
Kingsoft Win32.HeurC.KVMH004.a.(kcloud) 20130708
Malwarebytes Malware.Packer.rf 20130709
McAfee RDN/Generic.grp!fk 20130709
McAfee-GW-Edition Artemis!59DE4453DA89 20130709
Microsoft PWS:Win32/Fareit.gen!C 20130709
eScan Trojan.GenericKD.1097543 20130709
Norman Troj_Generic.MQDUZ 20130708
Sophos AV Mal/EncPk-AKE 20130709
SUPERAntiSpyware Trojan.Agent/Gen-Fareit 20130709
TrendMicro-HouseCall TROJ_GEN.F0D1H0ZG813 20130709
VIPRE Win32.Malware!Drop 20130709
Yandex 20130708
Antiy-AVL 20130709
AVG 20130709
ByteHero 20130625
CAT-QuickHeal 20130708
ClamAV 20130709
eSafe 20130709
Jiangmin 20130709
K7AntiVirus 20130708
K7GW 20130708
NANO-Antivirus 20130709
nProtect 20130709
Panda 20130708
PCTools 20130709
Rising 20130709
Symantec 20130709
TheHacker 20130708
TotalDefense 20130708
TrendMicro 20130709
VBA32 20130708
ViRobot 20130709
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2003-11-13 23:15:40
Entry Point 0x0000203D
Number of sections 6
PE sections
PE imports
InterlockedExchange
GetLastError
lstrcpyW
GetStartupInfoW
LoadLibraryA
lstrcatA
GetStringTypeA
GetModuleHandleA
HeapCreate
ReadFile
GetExitCodeProcess
CreateEventA
SetConsoleTitleA
IsBadWritePtr
SetFileTime
CloseHandle
HeapSize
GetFileSize
LeaveCriticalSection
DllUnregisterServer
DllGetClassObject
DllCanUnloadNow
DllRegisterServer
DwRasUninitialize
ShellAboutA
SHFree
ShellMessageBoxW
DragAcceptFiles
DuplicateIcon
DllUnregisterServer
SHGetSettings
SHGetDiskFreeSpaceA
StrChrA
DragQueryFileA
ExtractIconA
SHGetMalloc
DragFinish
Number of PE resources by type
RT_ICON 1
RT_RCDATA 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 3
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2003:11:14 00:15:40+01:00
FileType Win32 EXE
PEType PE32
CodeSize 4608
LinkerVersion 0.255
EntryPoint 0x203d
InitializedDataSize 0
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0
File identification
MD5 59de4453da8909e96762f2c8cd0d6f37
SHA1 92bebd04b51f62ef85923580280d2731f7a28627
SHA256 aa240ff1ad168cd8ff3f5f43e7b92958d5ee6aac52d9e7f32dcb4af5cacad405
ssdeep 3072:XiXZ42xoNmQKNNXEiw/tjKKT6WcjHjXUaKoKOnDiZaYSj:0oNKP0iwN5MHjXTHKki
authentihash 539046bc57a45d1b8b2bdd84cd4a88b76693668107ec5af254e40424c643805e
imphash 70cd3b4ef1d70120c2d356144e9d3d59
File size 115.0 KB ( 117760 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.2%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2013-07-08 14:13:13 UTC ( 5 years, 10 months ago )
Last submission 2017-12-06 18:35:34 UTC ( 1 year, 5 months ago )
File names Case_07082013.exe
SCAN_129_07082013_18911.exe-2013-07-09_02_05_01.txt
vt-upload-ED3ji
SCAN_129_07082013_18911.exe_
59de4453da8909e96762f2c8cd0d6f37
SCAN_129_07082013_18911.exe
vt-upload-Us___
vt-upload-wqU8A
vt-upload-zJWcf
006467863
59de4453da8909e96762f2c8cd0d6f37.exe
comendo-34-1373300102
vt-upload-4iUZ8
malekal_59de4453da8909e96762f2c8cd0d6f37
SCAN_129_07082013_18911.ex_
SCAN_129_07082013_18911.exe
59de4453da8909e96762f2c8cd0d6f37
comendo-34
vt-upload-gTBTs
vt-upload-OJxSS
file-5710465_exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight