SHA256: adec1707efaa1496691d5d4b12daaadff893b0f0ad68b33699e5dd7dd6f8eb58
File name: flashguncelle.exe
Detection ratio: 30 / 49
Analysis date: 2013-12-23 22:38:53 UTC ( 3 years, 9 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Zusy.77106 20131223
Yandex Trojan.Blocker!Dl+IS9eWOHk 20131223
AhnLab-V3 Trojan/Win32.Blocker 20131223
AntiVir TR/Strictor.23182.31 20131223
Antiy-AVL Trojan/Win32.Blocker 20131223
Avast Win32:Agent-ASJZ [Trj] 20131223
AVG Generic35.AQUE 20131223
Baidu-International Trojan.Win32.Ransomlock.40 20131213
BitDefender Gen:Variant.Zusy.77106 20131223
Comodo UnclassifiedMalware 20131223
DrWeb Trojan.DownLoader10.59063 20131223
Emsisoft Gen:Variant.Zusy.77106 (B) 20131223
F-Secure Gen:Variant.Zusy.77106 20131223
Fortinet W32/Blocker.DBUD!tr 20131223
GData Gen:Variant.Zusy.77106 20131223
Ikarus Trojan-Ransom.Win32.Blocker 20131223
K7AntiVirus Riskware ( 0040eff71 ) 20131223
K7GW Riskware ( 0040eff71 ) 20131223
Kaspersky Trojan-Ransom.Win32.Blocker.dbud 20131223
Kingsoft Win32.Troj.Undef.(kcloud) 20130829
McAfee Artemis!30118BEC581F 20131223
McAfee-GW-Edition Artemis!30118BEC581F 20131223
eScan Gen:Variant.Zusy.77106 20131223
Norman Suspicious_Gen4.FMWYF 20131223
Panda Trj/CI.A 20131223
Symantec Trojan.Gen.2 20131223
TrendMicro TROJ_GEN.R0CBC0OLF13 20131223
TrendMicro-HouseCall TROJ_GEN.R0CBC0OLF13 20131223
VBA32 Hoax.Blocker 20131223
VIPRE Trojan.Win32.Generic!BT 20131223
Bkav 20131223
ByteHero 20130613
CAT-QuickHeal 20131222
ClamAV 20131223
CMC 20131217
Commtouch 20131223
ESET-NOD32 20131223
F-Prot 20131223
Jiangmin 20131223
Malwarebytes 20131223
Microsoft 20131223
NANO-Antivirus 20131223
nProtect 20131223
Rising 20131223
Sophos AV 20131223
SUPERAntiSpyware 20131222
TheHacker 20131223
TotalDefense 20131223
ViRobot 20131223
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Adobe
Publisher Adobe
Product Adobe
Original name FlashGuncelle.exe
Internal name FlashGuncelle.exe
File version 8
Description Adobe
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-12-11 17:20:46
Entry Point 0x0002D836
Number of sections 3
.NET details
Module Version ID 82b749d0-6c28-44df-8edd-6063ac44b684
TypeLib ID 92a9acad-1697-4a95-b30c-967b6554aaed
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 3
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 5
PE resources
ExifTool file metadata
CodeSize 178688
FileDescription Adobe
LinkerVersion 8.0
ImageVersion 0.0
ProductName Adobe
FileVersionNumber 8.0.0.0
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 16896
FileTypeExtension exe
OriginalFileName FlashGuncelle.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 8
TimeStamp 2013:12:11 18:20:46+01:00
FileType Win32 EXE
PEType PE32
InternalName FlashGuncelle.exe
SubsystemVersion 4.0
ProductVersion 8
UninitializedDataSize 0
OSVersion 4.0
FileOS Win32
LegalCopyright Adobe
MachineType Intel 386 or later, and compatibles
CompanyName Adobe
LegalTrademarks Adobe
FileSubtype 0
ProductVersionNumber 8.0.0.0
EntryPoint 0x2d836
ObjectFileType Executable application
AssemblyVersion 1.0.0.0

File identification
MD5 30118bec581f80de46445aef79e6cf10
SHA1 8462920bbf74bbeb9ce7ee68a37e20207de60aaf
SHA256 adec1707efaa1496691d5d4b12daaadff893b0f0ad68b33699e5dd7dd6f8eb58
ssdeep 3072:Zq7xvcMfQkiszbShQ8gbDoN1uVJxBsslRwaTTOj1i3cM/05xQmEq/BRiLH:AWcQkisyHgYL2JxBsYRwYTOjOtMM
authentihash 635521da7a59f1a4edd97797ed40424ddc6898d24221dec615d678f874d2b2af
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 191.5 KB ( 196096 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Generic CIL Executable (.NET, Mono, etc.) (56.7%)
Win64 Executable (generic) (21.4%)
Windows screen saver (10.1%)
Win32 Dynamic Link Library (generic) (5.0%)
Win32 Executable (generic) (3.4%)
Tags peexe assembly
VirusTotal metadata
First submission 2013-12-12 01:35:57 UTC ( 3 years, 9 months ago )
Last submission 2015-06-12 12:09:45 UTC ( 2 years, 3 months ago )
File names 0B6DFdqpSFDAlSmpsTkZkT2hvN28
YeIzoT.msc
aa
Iz9lj8yd.vsd
007891743
adec1707efaa1496691d5d4b12daaadff893b0f0ad68b33699e5dd7dd6f8eb58
FlashGuncelle (18).exe
VirusShare_30118bec581f80de46445aef79e6cf10
vti-rescan
FlashGuncelle (1).exe
FlashGuncelle.exe
flashguncelle (2).exe
LIHEnCjds.xdp
flashguncelle.exe
file-6365412_exe
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: TROJ_GEN.R047C0CFC15.

Symantec reputation Suspicious.Insight
Behaviour characterization
Zemana dll-injection