SHA256: adec1707efaa1496691d5d4b12daaadff893b0f0ad68b33699e5dd7dd6f8eb58
File name: flashguncelle.exe
Detection ratio: 30 / 49
Analysis date: 2013-12-23 22:38:53 UTC ( 3 years, 5 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Zusy.77106 20131223
Yandex Trojan.Blocker!Dl+IS9eWOHk 20131223
AhnLab-V3 Trojan/Win32.Blocker 20131223
AntiVir TR/Strictor.23182.31 20131223
Antiy-AVL Trojan/Win32.Blocker 20131223
Avast Win32:Agent-ASJZ [Trj] 20131223
AVG Generic35.AQUE 20131223
Baidu-International Trojan.Win32.Ransomlock.40 20131213
BitDefender Gen:Variant.Zusy.77106 20131223
Comodo UnclassifiedMalware 20131223
DrWeb Trojan.DownLoader10.59063 20131223
Emsisoft Gen:Variant.Zusy.77106 (B) 20131223
F-Secure Gen:Variant.Zusy.77106 20131223
Fortinet W32/Blocker.DBUD!tr 20131223
GData Gen:Variant.Zusy.77106 20131223
Ikarus Trojan-Ransom.Win32.Blocker 20131223
K7AntiVirus Riskware ( 0040eff71 ) 20131223
K7GW Riskware ( 0040eff71 ) 20131223
Kaspersky Trojan-Ransom.Win32.Blocker.dbud 20131223
Kingsoft Win32.Troj.Undef.(kcloud) 20130829
McAfee Artemis!30118BEC581F 20131223
McAfee-GW-Edition Artemis!30118BEC581F 20131223
eScan Gen:Variant.Zusy.77106 20131223
Norman Suspicious_Gen4.FMWYF 20131223
Panda Trj/CI.A 20131223
Symantec Trojan.Gen.2 20131223
TrendMicro TROJ_GEN.R0CBC0OLF13 20131223
TrendMicro-HouseCall TROJ_GEN.R0CBC0OLF13 20131223
VBA32 Hoax.Blocker 20131223
VIPRE Trojan.Win32.Generic!BT 20131223
Bkav 20131223
ByteHero 20130613
CAT-QuickHeal 20131222
ClamAV 20131223
CMC 20131217
Commtouch 20131223
ESET-NOD32 20131223
F-Prot 20131223
Jiangmin 20131223
Malwarebytes 20131223
Microsoft 20131223
NANO-Antivirus 20131223
nProtect 20131223
Rising 20131223
Sophos 20131223
SUPERAntiSpyware 20131222
TheHacker 20131223
TotalDefense 20131223
ViRobot 20131223
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Adobe
Publisher Adobe
Product Adobe
Original name FlashGuncelle.exe
Internal name FlashGuncelle.exe
File version 8
Description Adobe
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-12-11 17:20:46
Entry Point 0x0002D836
Number of sections 3
.NET details
Module Version ID 82b749d0-6c28-44df-8edd-6063ac44b684
TypeLib ID 92a9acad-1697-4a95-b30c-967b6554aaed
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 3
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 5
PE resources
ExifTool file metadata
LegalTrademarks Adobe
SubsystemVersion 4.0
InitializedDataSize 16896
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 8.0.0.0
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription Adobe
CharacterSet Unicode
LinkerVersion 8.0
EntryPoint 0x2d836
OriginalFileName FlashGuncelle.exe
MIMEType application/octet-stream
LegalCopyright Adobe
FileVersion 8
TimeStamp 2013:12:11 18:20:46+01:00
FileType Win32 EXE
PEType PE32
InternalName FlashGuncelle.exe
ProductVersion 8
UninitializedDataSize 0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Adobe
CodeSize 178688
ProductName Adobe
ProductVersionNumber 8.0.0.0
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 1.0.0.0
File identification
MD5 30118bec581f80de46445aef79e6cf10
SHA1 8462920bbf74bbeb9ce7ee68a37e20207de60aaf
SHA256 adec1707efaa1496691d5d4b12daaadff893b0f0ad68b33699e5dd7dd6f8eb58
ssdeep 3072:Zq7xvcMfQkiszbShQ8gbDoN1uVJxBsslRwaTTOj1i3cM/05xQmEq/BRiLH:AWcQkisyHgYL2JxBsYRwYTOjOtMM
authentihash 635521da7a59f1a4edd97797ed40424ddc6898d24221dec615d678f874d2b2af
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 191.5 KB ( 196096 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Generic CIL Executable (.NET, Mono, etc.) (56.7%)
Win64 Executable (generic) (21.4%)
Windows screen saver (10.1%)
Win32 Dynamic Link Library (generic) (5.0%)
Win32 Executable (generic) (3.4%)
Tags peexe assembly
VirusTotal metadata
First submission 2013-12-12 01:35:57 UTC ( 3 years, 5 months ago )
Last submission 2015-06-12 12:09:45 UTC ( 1 year, 11 months ago )
File names 0B6DFdqpSFDAlSmpsTkZkT2hvN28
007891743
adec1707efaa1496691d5d4b12daaadff893b0f0ad68b33699e5dd7dd6f8eb58
FlashGuncelle (18).exe
VirusShare_30118bec581f80de46445aef79e6cf10
vti-rescan
FlashGuncelle (1).exe
FlashGuncelle.exe
flashguncelle (2).exe
flashguncelle.exe
file-6365412_exe
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: TROJ_GEN.R047C0CFC15.

Symantec reputation Suspicious.Insight
Behaviour characterization
Zemana dll-injection