SHA256: ad03658cc929bf9c52a91c2488ddfa2bb85ac1ed0ae2a3f022afdf90020483d5
File name: zt4ug
Detection ratio: 14 / 56
Analysis date: 2016-10-31 10:59:24 UTC (2 years, 3 months ago)
Antivirus                Result                                        Update
Baidu                    Win32.Trojan.WisdomEyes.16070401.9500.9816    20161031
Bkav                     HW32.Packed.ABDA                              20161031
CrowdStrike Falcon (ML)  malicious_confidence_100% (D)                 20161024
ESET-NOD32               a variant of Win32/Kryptik.FIKB               20161031
Sophos ML                ransom.win32.locky.a                          20161018
Kaspersky                HEUR:Trojan.Win32.Generic                     20161031
McAfee-GW-Edition        BehavesLike.Win32.Backdoor.dh                 20161031
Panda                    Trj/Genetic.gen                               20161030
Qihoo-360                HEUR/QVM39.1.0000.Malware.Gen                 20161031
Rising                   Malware.Generic!Zl459GVA8AN@1 (thunder)       20161031
Sophos AV                Mal/RansomDl-B                                20161031
Symantec                 Heur.AdvML.B                                  20161031
TrendMicro               Ransom_HPLOCKY.SM60                           20161031
TrendMicro-HouseCall     Ransom_HPLOCKY.SM60                           20161031
Ad-Aware                 (not detected)                                20161031
AegisLab                 (not detected)                                20161031
AhnLab-V3                (not detected)                                20161030
Alibaba                  (not detected)                                20161031
ALYac                    (not detected)                                20161031
Antiy-AVL                (not detected)                                20161031
Arcabit                  (not detected)                                20161031
Avast                    (not detected)                                20161031
AVG                      (not detected)                                20161031
Avira (no cloud)         (not detected)                                20161031
AVware                   (not detected)                                20161031
BitDefender              (not detected)                                20161031
CAT-QuickHeal            (not detected)                                20161031
ClamAV                   (not detected)                                20161031
CMC                      (not detected)                                20161031
Comodo                   (not detected)                                20161031
Cyren                    (not detected)                                20161031
DrWeb                    (not detected)                                20161031
Emsisoft                 (not detected)                                20161031
F-Prot                   (not detected)                                20161031
F-Secure                 (not detected)                                20161031
Fortinet                 (not detected)                                20161031
GData                    (not detected)                                20161031
Ikarus                   (not detected)                                20161031
Jiangmin                 (not detected)                                20161031
K7AntiVirus              (not detected)                                20161031
K7GW                     (not detected)                                20161031
Kingsoft                 (not detected)                                20161031
Malwarebytes             (not detected)                                20161031
McAfee                   (not detected)                                20161031
Microsoft                (not detected)                                20161031
eScan                    (not detected)                                20161031
NANO-Antivirus           (not detected)                                20161031
nProtect                 (not detected)                                20161028
SUPERAntiSpyware         (not detected)                                20161031
Tencent                  (not detected)                                20161031
TheHacker                (not detected)                                20161029
VBA32                    (not detected)                                20161029
VIPRE                    (not detected)                                20161031
ViRobot                  (not detected)                                20161031
Yandex                   (not detected)                                20161030
Zillya                   (not detected)                                20161028
Zoner                    (not detected)                                20161031
The file being studied is a Portable Executable (PE) file; more specifically, it is a Win32 DLL for the Windows GUI subsystem.
FileVersionInfo properties
Copyright wisecleaner.net
Original name assisant2
Internal name Assisant2
File version 2.3.2.50
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-10-31 06:13:32
Entry Point 0x0000A049
Number of sections 5
PE sections
PE imports
Number of PE resources by type
RT_ICON 28
RT_GROUP_ICON 3
RT_VERSION 1
Number of PE resources by language
ENGLISH US 32
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 10.0
ImageVersion 0.0
FileVersionNumber 2.3.2.50
LanguageCode English (British)
FileFlagsMask 0x0000
CharacterSet Windows, Latin1
InitializedDataSize 113152
EntryPoint 0xa049
OriginalFileName assisant2
MIMEType application/octet-stream
LegalCopyright wisecleaner.net
FileVersion 2.3.2.50
TimeStamp 2016:10:31 07:13:32+01:00
FileType Win32 DLL
PEType PE32
InternalName Assisant2
ProductVersion 2.3
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName wisecleaner
CodeSize 123904
FileSubtype 0
ProductVersionNumber 2.3.2.50
FileTypeExtension dll
ObjectFileType Executable application

File identification
MD5 411b4d8089889987ec47c1bdcc348e93
SHA1 eb94c6570ee0031184f3cea5a148f241996025d1
SHA256 ad03658cc929bf9c52a91c2488ddfa2bb85ac1ed0ae2a3f022afdf90020483d5
ssdeep 3072:clbZCRtIlSFXK+3xgwRjcNPZdh5kKJdzeJCFnjGuOIgnBgN1fWdZxFyBErdwBVGr:abQRtTtKEj0dhpdz8cOIE9yqS
authentihash 246a0e4799761e10d96ec3d6d2eb41cfbe90340797725955810d29285ef0d035
imphash a23d5ed45b5bb2d45988b4d790bb2fb7
File size 232.5 KB (238080 bytes)
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID
  Win32 Executable MS Visual C++ (generic) (42.2%)
  Win64 Executable (generic) (37.3%)
  Win32 Dynamic Link Library (generic) (8.8%)
  Win32 Executable (generic) (6.0%)
  Generic Win/DOS Executable (2.7%)
Tags pedll
VirusTotal metadata
First submission 2016-10-31 10:59:24 UTC (2 years, 3 months ago)
Last submission 2016-10-31 10:59:24 UTC (2 years, 3 months ago)
File names Assisant2, zt4ug, assisant2