SHA256: ad64e041a8feedbc0ca91dfdd5a51a4bfdba457befb6e97cddeda78fedb53c3f
File name: okogotij.exe.bak
Detection ratio: 29 / 55 (the vendor labels below disagree: generic trojan, injector and crypter names sit alongside Backdoor.Androm from Kaspersky, Yandex, Tencent and Zillya, and ransomware names from McAfee and Microsoft (Teerac), Ikarus (CryptoWall3) and Sophos (Mal/Ransom-EF))
Analysis date: 2016-02-22 09:36:29 UTC
Antivirus Result Update
Ad-Aware Trojan.GenericKD.3046869 20160222
Yandex Backdoor.Androm!JSQ7B1m7nLA 20160221
ALYac Trojan.GenericKD.3046869 20160222
Arcabit Trojan.Generic.D2E7DD5 20160222
Avast Win32:Malware-gen 20160222
AVG Inject3.ABGM 20160222
Avira (no cloud) TR/Crypt.ZPACK.226441 20160222
AVware Trojan.Win32.Generic!BT 20160222
BitDefender Trojan.GenericKD.3046869 20160222
DrWeb Trojan.PWS.Siggen1.46869 20160222
Emsisoft Trojan.GenericKD.3046869 (B) 20160222
ESET-NOD32 a variant of Win32/Injector.CSIW 20160222
F-Secure Trojan.GenericKD.3046869 20160222
Fortinet Malicious_Behavior.VEX.98 20160222
GData Trojan.GenericKD.3046869 20160222
Ikarus Trojan-Ransom.CryptoWall3 20160222
K7AntiVirus Trojan ( 004de6c41 ) 20160222
K7GW Trojan ( 004de6c41 ) 20160222
Kaspersky Backdoor.Win32.Androm.jdpv 20160222
McAfee Ransom-Teerac!FBCD04E167EB 20160222
Microsoft Ransom:Win32/Teerac 20160222
eScan Trojan.GenericKD.3046869 20160222
nProtect Trojan.GenericKD.3046869 20160222
Panda Generic Suspicious 20160221
Sophos AV Mal/Ransom-EF 20160222
Tencent Win32.Backdoor.Androm.Egyf 20160222
TrendMicro TROJ_GEN.R028C0DBI16 20160222
VIPRE Trojan.Win32.Generic!BT 20160222
Zillya Backdoor.Androm.Win32.32377 20160222
Undetected (the remaining 26 engines, with signature-database date):
AegisLab 20160222
AhnLab-V3 20160221
Alibaba 20160222
Antiy-AVL 20160222
Baidu-International 20160221
Bkav 20160220
ByteHero 20160222
CAT-QuickHeal 20160222
ClamAV 20160222
CMC 20160222
Comodo 20160222
Cyren 20160222
F-Prot 20160221
Jiangmin 20160222
Malwarebytes 20160222
McAfee-GW-Edition 20160222
NANO-Antivirus 20160222
Qihoo-360 20160222
Rising 20160222
SUPERAntiSpyware 20160222
Symantec 20160221
TheHacker 20160217
TrendMicro-HouseCall 20160222
VBA32 20160220
ViRobot 20160222
Zoner 20160222
The file is a Portable Executable (PE): a Win32 EXE for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2006-07-30 01:30:31
Entry Point 0x0000DFE6
Number of sections 4
PE sections
Overlays
MD5 48a4c626f42daae3813a96fce23c5e36
File type data
Offset 176128
Size 1035 (176128 + 1035 = 177163, the reported file size, so the overlay runs to the end of the file)
Entropy 6.19
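The header and overlay figures above can be reproduced from the raw bytes. The following Python is an added example written for this page, not VirusTotal's code: it walks the DOS, COFF and optional headers and the section table, treats everything after the last byte of raw section data as the overlay, and computes Shannon entropy in bits per byte. It runs on a small constructed PE32 image built inline by build_sample_pe (one .text section and a 16-byte overlay, with constants chosen to mirror the report's machine type, linker version, subsystem and compile timestamp), not on the sample itself; the values for okogotij.exe.bak come only from the report.

```python
"""Added example (not VirusTotal's code): minimal PE32 header walk, overlay
location and entropy, run against a constructed image rather than the sample."""
import math
import struct
from datetime import datetime, timezone

IMAGE_FILE_MACHINE_I386 = 0x14C
IMAGE_NT_OPTIONAL_HDR32_MAGIC = 0x10B
SUBSYSTEMS = {2: "Windows GUI", 3: "Windows CUI"}


def shannon_entropy(buf: bytes) -> float:
    """Bits per byte, 0.0 .. 8.0 (the report's overlay scores 6.19)."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def parse_pe(data: bytes) -> dict:
    """DOS -> PE signature -> COFF -> optional header -> section table.
    The overlay is whatever follows the highest PointerToRawData+SizeOfRawData."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature at e_lfanew")
    coff = e_lfanew + 4
    machine, nsec, ts, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic, linker_major, linker_minor = struct.unpack_from("<HBB", data, opt)
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]
    subsystem = struct.unpack_from("<H", data, opt + 68)[0]  # same offset for PE32 and PE32+
    sections = []
    for i in range(nsec):
        name, vsize, vaddr, rsize, rptr = struct.unpack_from("<8sIIII", data, opt + opt_size + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_address": vaddr, "virtual_size": vsize,
            "raw_offset": rptr, "raw_size": rsize,
            "entropy": round(shannon_entropy(data[rptr:rptr + rsize]), 2),
        })
    end_of_sections = max((s["raw_offset"] + s["raw_size"] for s in sections), default=0)
    overlay = data[end_of_sections:]
    return {
        "machine": "Intel 386 or later" if machine == IMAGE_FILE_MACHINE_I386 else hex(machine),
        "pe_type": "PE32" if magic == IMAGE_NT_OPTIONAL_HDR32_MAGIC else "PE32+",
        "linker_version": f"{linker_major}.{linker_minor}",
        "timestamp_raw": ts,
        "timestamp_utc": datetime.fromtimestamp(ts, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "entry_point": entry_rva,
        "subsystem": SUBSYSTEMS.get(subsystem, str(subsystem)),
        "sections": sections,
        "overlay_offset": end_of_sections if overlay else None,
        "overlay_size": len(overlay),
        "overlay_entropy": round(shannon_entropy(overlay), 2),
        "file_size": len(data),
    }


def build_sample_pe() -> bytes:
    """Constructed minimal PE32 (not the analysed sample): one 512-byte .text
    section holding every byte value twice, then a 16-byte overlay."""
    e_lfanew, opt_size, raw_ptr, raw_size = 0x80, 0xE0, 0x200, 0x200
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    # COFF: i386, 1 section, TimeDateStamp 2006-07-30 01:30:31 UTC, EXECUTABLE_IMAGE|32BIT_MACHINE
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_I386, 1, 1154223031, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<HBB", opt, 0, IMAGE_NT_OPTIONAL_HDR32_MAGIC, 6, 0)  # PE32, linker 6.0
    struct.pack_into("<I", opt, 16, 0x1010)           # AddressOfEntryPoint (RVA)
    struct.pack_into("<I", opt, 28, 0x400000)         # ImageBase
    struct.pack_into("<II", opt, 32, 0x1000, 0x200)   # SectionAlignment, FileAlignment
    struct.pack_into("<H", opt, 68, 2)                # IMAGE_SUBSYSTEM_WINDOWS_GUI
    sec = struct.pack("<8sIIIIIIHHI", b".text", raw_size, 0x1000, raw_size, raw_ptr,
                      0, 0, 0, 0, 0x60000020)         # CNT_CODE|MEM_EXECUTE|MEM_READ
    headers = (bytes(dos) + b"PE\0\0" + coff + bytes(opt) + sec).ljust(raw_ptr, b"\0")
    text = bytes(range(256)) * 2                      # entropy exactly 8.0
    overlay = b"\x00" * 8 + b"\xff" * 8               # entropy exactly 1.0
    return headers + text + overlay


def analyse_sample() -> dict:
    return parse_pe(build_sample_pe())


if __name__ == "__main__":
    for key, value in analyse_sample().items():
        print(f"{key}: {value}")
```

For the sample, the same arithmetic gives an overlay ending at 176128 + 1035 = 177163 bytes, which equals the reported file size. An entropy of 6.19 over 1035 bytes is moderate: below the 7.5 and up typical of compressed or encrypted payloads, but well above padding or plain text, so the overlay is worth carving out and inspecting on its own.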
PE imports
ADVAPI32.dll
GetSecurityDescriptorDacl
GDI32.dll
PlayEnhMetaFileRecord
GetCharABCWidthsW
GetTextMetricsW
SetMapMode
GetWindowOrgEx
SetMetaRgn
ResizePalette
SetTextAlign
GetTextMetricsA
CombineRgn
PlayMetaFile
GetViewportOrgEx
GetObjectType
SetColorAdjustment
GetTextExtentPointA
CopyEnhMetaFileW
StretchBlt
SetWorldTransform
IntersectClipRect
CopyEnhMetaFileA
OffsetWindowOrgEx
CreateEllipticRgn
CreatePen
GetPolyFillMode
GetDIBits
ExtCreateRegion
SetPixelFormat
GetEnhMetaFileBits
GetDCOrgEx
SetMetaFileBitsEx
GetTextFaceA
SwapBuffers
ScaleViewportExtEx
CloseFigure
Pie
SetWindowExtEx
Arc
GetKerningPairsA
WidenPath
ExtCreatePen
GetFontData
ResetDCW
GetBkColor
SetRectRgn
MoveToEx
GetTextCharsetInfo
GetDIBColorTable
DeleteEnhMetaFile
GetSystemPaletteEntries
GetClipBox
EnumFontsW
TextOutA
CreateFontIndirectA
CreateEnhMetaFileW
CreateRectRgnIndirect
LPtoDP
GetEnhMetaFileW
EnumFontsA
GetPixel
PolyDraw
OffsetViewportOrgEx
RectInRegion
OffsetClipRgn
BitBlt
EnumFontFamiliesA
GetObjectA
FillRgn
SetAbortProc
ScaleWindowExtEx
PtVisible
CreateEnhMetaFileA
SetWinMetaFileBits
ExtSelectClipRgn
SelectPalette
CloseEnhMetaFile
SetROP2
ExtEscape
GetNearestPaletteIndex
SetDIBColorTable
EnumEnhMetaFile
CancelDC
GetTextColor
SetPixelV
BeginPath
DeleteObject
CreatePenIndirect
SetGraphicsMode
PlayMetaFileRecord
SetBitmapBits
PatBlt
SetColorSpace
SetStretchBltMode
Rectangle
GetDeviceCaps
CreateDCA
PolyPolyline
GetMetaFileBitsEx
DeleteDC
EndDoc
GetMapMode
CreateFontIndirectW
GetWorldTransform
EnumMetaFile
StartPage
GetObjectW
CreateDCW
GetCharWidthA
RealizePalette
CreateHatchBrush
CreateDIBPatternBrushPt
OffsetRgn
CreateBitmap
DeleteColorSpace
GetStockObject
PlayEnhMetaFile
ExtTextOutA
UnrealizeObject
GdiFlush
SelectClipRgn
GetTextAlign
EndPage
GetTextExtentPoint32A
GetWinMetaFileBits
GetEnhMetaFileHeader
GetTextExtentPoint32W
EndPath
CreatePolygonRgn
CreateICA
Polygon
GetGlyphOutlineW
GetRgnBox
SaveDC
CreateICW
SetDeviceGammaRamp
MaskBlt
GetEnhMetaFilePaletteEntries
GetGlyphOutlineA
GetDeviceGammaRamp
SetViewportExtEx
RestoreDC
GetBitmapBits
FillPath
CreateDIBSection
CombineTransform
ExtFloodFill
GetBrushOrgEx
CreateFontA
EnumFontFamiliesExW
SetViewportOrgEx
SetArcDirection
CreateRoundRectRgn
CreateCompatibleDC
PolyBezierTo
CreateFontW
PolyBezier
Chord
CreateRectRgn
RemoveFontResourceA
GetClipRgn
StartDocA
SetPolyFillMode
Ellipse
RemoveFontResourceW
Escape
CreateSolidBrush
Polyline
DPtoLP
StartDocW
CreateCompatibleBitmap
IMM32.dll
ImmIsIME
ImmSetCompositionWindow
KERNEL32.dll
GetPrivateProfileSectionNamesA
GetStartupInfoA
GlobalFindAtomW
GetModuleHandleA
FindResourceW
GetProfileSectionW
CreateFileMappingA
GetThreadTimes
DuplicateHandle
AddAtomW
Imports by ordinal (the DLL name did not survive extraction; its position between KERNEL32 and MSVCRT and the Visual C++ 6.0 linker are consistent with MFC42.dll, but that is an inference)
Ord(1092)
Ord(324)
Ord(3825)
Ord(5265)
Ord(3147)
Ord(2124)
Ord(5199)
Ord(3830)
Ord(4627)
Ord(3597)
Ord(1168)
Ord(4853)
Ord(1086)
Ord(1081)
Ord(3136)
Ord(2982)
Ord(4353)
Ord(3079)
Ord(3262)
Ord(4234)
Ord(5241)
Ord(1028)
Ord(4079)
Ord(1775)
Ord(2055)
Ord(4837)
Ord(1026)
Ord(1049)
Ord(3798)
Ord(1012)
Ord(3259)
Ord(1041)
Ord(3081)
Ord(5065)
Ord(4407)
Ord(2446)
Ord(6374)
Ord(4078)
Ord(2725)
Ord(2554)
Ord(5289)
Ord(2396)
Ord(6376)
Ord(561)
Ord(3831)
Ord(1084)
Ord(3346)
Ord(5302)
Ord(1576)
Ord(1727)
Ord(4486)
Ord(2976)
Ord(2985)
Ord(5163)
Ord(2385)
Ord(815)
Ord(1089)
Ord(1099)
Ord(5300)
Ord(1044)
Ord(4698)
Ord(4998)
Ord(5280)
Ord(3922)
Ord(5277)
Ord(2514)
Ord(5307)
Ord(3749)
Ord(2512)
Ord(2648)
Ord(4441)
Ord(4274)
Ord(5261)
Ord(4465)
Ord(5731)
MSVCRT.dll
_adjust_fdiv
__CxxFrameHandler
rand
_acmdln
__setusermatherr
__p__commode
_aexit_rtn
__dllonexit
_onexit
_mbsinc
_setmbcp
atoi
__p__fmode
_mbsstr
__getmainargs
_controlfp
_initterm
__set_app_type
USER32.dll
IsWindow
Number of PE resources by type
RT_RCDATA 23
RT_ICON 4
RT_GROUP_ICON 4
RT_DIALOG 2
RT_VERSION 1
Number of PE resources by language
NEUTRAL 34
PE resources
ExifTool file metadata
Note that the version resource below is internally inconsistent: the numeric versions from VS_FIXEDFILEINFO (FileVersionNumber 0.18.225.121, ProductVersionNumber 0.150.195.58) do not match the string-table versions (FileVersion 0.125.2.24, ProductVersion 0.212.47.24), which agree in legitimately built software; the LegalCopyright text "2011 (C) 2013" postdates the 2006 compile timestamp; and the language and character-set codes are values ExifTool cannot map. The company, product and description strings therefore cannot be relied on to identify the software.
SubsystemVersion 4.0
LinkerVersion 6.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 0.18.225.121
UninitializedDataSize 0
LanguageCode Unknown (FORM)
FileFlagsMask 0x003f
CharacterSet Unknown (ALISED)
InitializedDataSize 114688
EntryPoint 0xdfe6
MIMEType application/octet-stream
LegalCopyright 2011 (C) 2013
FileVersion 0.125.2.24
TimeStamp 2006:07:30 02:30:31+01:00 (the same instant as the 2006-07-30 01:30:31 UTC compilation timestamp above, rendered in UTC+1)
FileType Win32 EXE
PEType PE32
InternalName Hermetic
ProductVersion 0.212.47.24
FileDescription Flighted Delineated Faster
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Cetus Software Inc.
CodeSize 57344
ProductName Curse Energiser
ProductVersionNumber 0.150.195.58
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 fbcd04e167ebb4d6420f701456d931da
SHA1 b09cd6896bc7537e3790f6b37edf296e212828cc
SHA256 ad64e041a8feedbc0ca91dfdd5a51a4bfdba457befb6e97cddeda78fedb53c3f
ssdeep 3072:sSZcbFaMTpAxIUDtJ77humWWmuFC1k0OHcPR9QtYu2Fd+DYgBawp0K14tx4:s71Ax5D77hPW64iLzYtdaVp0K1gx4
authentihash 5d24649aea458c3499afdf6c1f98f71ae1a58b925a94370432ba13429979fb25
imphash 186253f4da7535d3c520e210f008deac
File size 173.0 KB ( 177163 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (52.5%)
Windows screen saver (22.0%)
Win32 Dynamic Link Library (generic) (11.0%)
Win32 Executable (generic) (7.5%)
Generic Win/DOS Executable (3.3%)
Tags peexe, overlay
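The imphash in the file identification block above is derived from the import list in the PE imports section. Below is an added Python example, not VirusTotal's or pefile's code, that implements the same scheme: each import becomes dll.function, lower-cased with a trailing .dll/.ocx/.sys dropped; ordinal-only imports are resolved through a known-ordinal table (here only a subset covering ws2_32 and wsock32) and otherwise written as ordNNNN; the comma-joined, order-preserving list is then MD5-hashed. SAMPLE_IMPORTS is constructed: it borrows a few function names and ordinals from the report, but the DLL names attached to them are assumptions, since the report does not show them, so the resulting hash is not the sample's 186253f4da7535d3c520e210f008deac.

```python
"""Added example (not VirusTotal's or pefile's code): the import-hash scheme
behind the report's imphash value, applied to a constructed import list."""
import hashlib

# Subset of the ordinal-to-name table pefile ships for imphash; wsock32 shares
# the ws2_32 numbering.  Ordinals in any other DLL become "ordNNNN".
KNOWN_ORDINALS = {
    "ws2_32": {1: "accept", 2: "bind", 3: "closesocket", 4: "connect",
               16: "recv", 19: "send", 23: "socket",
               115: "WSAStartup", 116: "WSACleanup"},
}
KNOWN_ORDINALS["wsock32"] = KNOWN_ORDINALS["ws2_32"]

# Constructed input.  Function names and ordinals come from the report's import
# list; the DLL names are assumptions (the report does not show them), so this
# is not the sample's real import table and does not reproduce its imphash.
SAMPLE_IMPORTS = [
    ("ADVAPI32.dll", "GetSecurityDescriptorDacl", None),
    ("GDI32.dll", "PlayEnhMetaFileRecord", None),
    ("GDI32.dll", "BitBlt", None),
    ("IMM32.dll", "ImmIsIME", None),
    ("KERNEL32.dll", "GetStartupInfoA", None),
    ("MFC42.DLL", None, 1092),
    ("MFC42.DLL", None, 324),
    ("MSVCRT.dll", "_adjust_fdiv", None),
    ("USER32.dll", "IsWindow", None),
]


def normalise_import(dll, name=None, ordinal=None):
    """One import -> 'lib.func' in the form the imphash string expects."""
    lib = dll.lower()
    for ext in (".ocx", ".sys", ".dll"):
        if lib.endswith(ext):
            lib = lib[: -len(ext)]
            break
    if name is None:
        if ordinal is None:
            raise ValueError("an import needs a name or an ordinal")
        name = KNOWN_ORDINALS.get(lib, {}).get(ordinal, f"ord{ordinal}")
    return f"{lib}.{name.lower()}"


def imphash_string(imports):
    """The comma-joined string that is hashed; import order is preserved."""
    return ",".join(normalise_import(*entry) for entry in imports)


def imphash(imports):
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()


if __name__ == "__main__":
    print(imphash_string(SAMPLE_IMPORTS))
    print("imphash:        ", imphash(SAMPLE_IMPORTS))
    print("reversed order: ", imphash(list(reversed(SAMPLE_IMPORTS))))
```

Two caveats follow directly from the construction: the hash depends on import order, so a rebuilt or repacked binary with the same functions in a different order gets a different imphash, and ordinal imports from DLLs outside the known table are hashed as ordNNNN strings, so two MFC 4.2 applications importing the same ordinals share that part of the string regardless of what those functions do.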

VirusTotal metadata
First submission 2016-02-15 14:14:32 UTC
Last submission 2016-02-22 09:36:29 UTC
File names okogotij.exe.bak