× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ac44e00b0876f6624031afa29ccfc564a65551aea1c71dabbcf4fc18c0a142bf
File name: Deposito 26-10-2012.doc.exe
Detection ratio: 11 / 44
Analysis date: 2012-10-31 17:43:59 UTC ( 1 year, 5 months ago ) View latest
Antivirus Result Update
AVG PSW.Banker6.AJPX 20121031
AntiVir ADSPY/Agent.86528.1 20121031
Avast Win32:Spyware-gen [Spy] 20121031
ESET-NOD32 a variant of MSIL/Spy.Banker.AK 20121031
F-Secure Trojan.Generic.KD.776090 20121031
GData Trojan.Generic.KD.776090 20121031
Kaspersky UDS:DangerousObject.Multi.Generic 20121031
MicroWorld-eScan Trojan.Generic.KD.776090 20121031
Symantec WS.Reputation.1 20121031
TrendMicro TSPY_BANKER.GLB 20121031
TrendMicro-HouseCall TSPY_BANKER.GLB 20121031
Agnitum 20121031
AhnLab-V3 20121031
Antiy-AVL 20121027
BitDefender 20121031
ByteHero 20121030
CAT-QuickHeal 20121031
ClamAV 20121031
Commtouch 20121031
Comodo 20121031
DrWeb 20121031
Emsisoft 20121031
F-Prot 20121030
Fortinet 20121031
Ikarus 20121031
Jiangmin 20121031
K7AntiVirus 20121031
Kingsoft 20121028
McAfee 20121031
McAfee-GW-Edition 20121031
Microsoft 20121031
Norman 20121031
PCTools 20121031
Panda 20121031
Rising 20121031
SUPERAntiSpyware 20121031
Sophos 20121031
TheHacker 20121031
TotalDefense 20121030
VBA32 20121030
VIPRE 20121031
ViRobot 20121031
eSafe 20121028
nProtect 20121031
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-10-30 01:59:04
Entry Point 0x00006F2E
Number of sections 4
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 12
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 15
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
11.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
65024

FileOS
Win32

MIMEType
application/octet-stream

LegalCopyright
Copyright 2012

FileVersion
1.0.0.0

TimeStamp
2012:10:30 01:59:04+00:00

FileType
Win32 EXE

PEType
PE32

InternalName
v0.exe

ProductVersion
1.0.0.0

FileDescription
v0

OSVersion
4.0

OriginalFilename
v0.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
20480

ProductName
v0

ProductVersionNumber
1.0.0.0

EntryPoint
0x6f2e

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 c4cb5a0255397cc2cb3d13e01b44d3fa
SHA1 e8c1d9455bd184d162d29b44d0145e55f7888a23
SHA256 ac44e00b0876f6624031afa29ccfc564a65551aea1c71dabbcf4fc18c0a142bf
ssdeep
768:KSVpwWAHzjidrS2qcAqXrzkaXlZ4l7mJshx9Ahz9:HwWATjidRqQrQaXl+l6sr9Al9

File size 84.5 KB ( 86528 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (83.3%)
Win32 Executable Generic (9.7%)
Win16/32 Executable Delphi generic (2.3%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Tags
peexe

VirusTotal metadata
First submission 2012-10-30 14:26:45 UTC ( 1 year, 5 months ago )
Last submission 2012-10-31 13:28:23 UTC ( 1 year, 5 months ago )
File names e8c1d9455bd184d162d29b44d0145e55f7888a23.exe
file-4708513_exe
Deposito_26-10-2012.doc.exe
Deposito 26-10-2012.doc.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!