SHA256: adaa34d8105438cf068515844c2bdf8aabb8a583342d6cd35c89b372e26454c0
File name: 875c068635236792315ed82f3db1a17b.virus
Detection ratio: 21 / 57
Analysis date: 2016-10-30 21:04:09 UTC ( 2 years, 3 months ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Yakes.N2142495899 20161030
Antiy-AVL Trojan/Win32.Yakes 20161030
Avast Win32:Malware-gen 20161030
AVG Crypt6.IEK 20161030
Avira (no cloud) TR/Crypt.ZPACK.nsdqv 20161030
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20161024
ESET-NOD32 a variant of Win32/Kryptik.FISA 20161030
Fortinet W32/Yakes.FISA!tr 20161030
GData Win32.Trojan.Agent.YYVGDA 20161030
Ikarus Trojan.Win32.Crypt 20161030
Sophos ML backdoor.win32.kasidet.c 20161018
Kaspersky Trojan.Win32.Yakes.rjyb 20161030
Malwarebytes Trojan.Yakes 20161030
McAfee Artemis!875C06863523 20161030
McAfee-GW-Edition BehavesLike.Win32.IBryte.dm 20161030
Microsoft Trojan:Win32/Dynamer!ac 20161030
Qihoo-360 HEUR/QVM10.1.0000.Malware.Gen 20161030
Sophos AV Mal/Generic-S 20161030
Symantec Heur.AdvML.B 20161030
TrendMicro-HouseCall TROJ_GEN.R0EAH0DJT16 20161030
Yandex Trojan.Yakes!ki7eeBm/6LM 20161030
Ad-Aware 20161030
AegisLab 20161030
Alibaba 20161028
ALYac 20161030
Arcabit 20161030
AVware 20161030
Baidu 20161029
BitDefender 20161030
Bkav 20161030
CAT-QuickHeal 20161029
ClamAV 20161030
CMC 20161030
Comodo 20161030
Cyren 20161030
DrWeb 20161030
Emsisoft 20161030
F-Prot 20161030
F-Secure 20161030
Jiangmin 20161030
K7AntiVirus 20161030
K7GW 20161030
Kingsoft 20161030
eScan 20161030
NANO-Antivirus 20161030
nProtect 20161028
Panda 20161030
Rising 20161030
SUPERAntiSpyware 20161030
Tencent 20161030
TheHacker 20161029
TotalDefense 20161028
TrendMicro 20161030
VBA32 20161029
VIPRE 20161030
ViRobot 20161030
Zillya 20161028
Zoner 20161030
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright 2005-2013 COMODO. All rights reserved
Product COMODO Internet Security
Original name bsm_chrome.exe
Internal name bsm_chrome.exe
File version 26.0.1410.43
Description COMODO Internet Security
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-10-27 19:09:04
Entry Point 0x00004C99
Number of sections 4
PE sections
PE imports
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
GetModuleFileNameW
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
HeapAlloc
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameA
RtlUnwind
HeapSetInformation
GetCurrentProcess
GetConsoleMode
DecodePointer
GetCurrentProcessId
WriteConsoleW
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetStartupInfoW
FreeEnvironmentStringsW
GetCPInfo
GetCommandLineA
GetProcAddress
EncodePointer
HeapSize
SetStdHandle
WideCharToMultiByte
LoadLibraryW
TlsFree
SetFilePointer
GetSystemTimeAsFileTime
DeleteCriticalSection
SetUnhandledExceptionFilter
WriteFile
CloseHandle
IsProcessorFeaturePresent
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
TerminateProcess
IsValidCodePage
HeapCreate
CreateFileW
TlsGetValue
Sleep
GetFileType
GetTickCount
TlsSetValue
ExitProcess
GetCurrentThreadId
InterlockedIncrement
SetLastError
LeaveCriticalSection
LoadImageW
GetParent
GetWindowRect
PostThreadMessageW
DestroyWindow
GetDlgItem
GetMessageW
ShowWindow
CharNextW
ScreenToClient
IsChild
SetWindowPos
CallNextHookEx
Number of PE resources by type
RT_ICON 23
RT_GROUP_ICON 8
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 28
NEUTRAL 5
PE resources
ExifTool file metadata
ProductShortName COMODO Internet Security
SubsystemVersion 5.0
OfficialBuild 0
InitializedDataSize 359424
ImageVersion 0.0
ProductName COMODO Internet Security
FileVersionNumber 26.0.1410.43
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x0017
CharacterSet Unicode
LinkerVersion 9.0
FileTypeExtension exe
OriginalFileName bsm_chrome.exe
MIMEType application/octet-stream
Subsystem Windows GUI
CompanyShortName COMODO
FileVersion 26.0.1410.43
TimeStamp 2016:10:27 20:09:04+01:00
FileType Win32 EXE
PEType PE32
InternalName bsm_chrome.exe
ProductVersion 26.0.1410.43
FileDescription COMODO Internet Security
OSVersion 5.0
FileOS Win32
LegalCopyright 2005-2013 COMODO. All rights reserved
MachineType Intel 386 or later, and compatibles
CompanyName COMODO Security Solutions
CodeSize 41984
FileSubtype 0
ProductVersionNumber 26.0.1410.43
LastChange 189671
EntryPoint 0x4c99
ObjectFileType Executable application

File identification
MD5 875c068635236792315ed82f3db1a17b
SHA1 eac93043c2247cac6d9b7ea7303d2c125e601c98
SHA256 adaa34d8105438cf068515844c2bdf8aabb8a583342d6cd35c89b372e26454c0
ssdeep 6144:pjVu9TW+yfVa91RIb1/+IKJs8uhN4rMiEchkfnk/GGGGGSGGGGSGGGGG:RVu9y+yfU9DIb1/7tgIxfk
authentihash bdee96add5dd0f0b08a9c2ca88ff9fc341f1cbabb0cec5bc7a6bcdd2151bcb2a
imphash 5e4c41083596df62fb390f83ee15bd76
File size 297.0 KB ( 304128 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe
VirusTotal metadata
First submission 2016-10-30 21:04:09 UTC ( 2 years, 3 months ago )
Last submission 2016-10-30 21:04:09 UTC ( 2 years, 3 months ago )
File names 875c068635236792315ed82f3db1a17b.virus
bsm_chrome.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Code injections in the following processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications