× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ae22e3bfb3e2bbbc7b758ec6bc9fa9c6d57a281ba7b4446830404a461cb620f2
File name: dbust.exe
Detection ratio: 8 / 54
Analysis date: 2016-01-30 00:48:59 UTC ( 3 years, 2 months ago ) View latest
Antivirus Result Update
AegisLab Uds.Dangerousobject.Multi!c 20160129
Avast Win32:Malware-gen 20160130
Avira (no cloud) TR/Dropper.MSIL.252545 20160130
ESET-NOD32 Win32/Spy.Weecnaw.A 20160130
Kaspersky UDS:DangerousObject.Multi.Generic 20160129
McAfee Artemis!CA7ED6E2BBC3 20160130
McAfee-GW-Edition BehavesLike.Win32.Backdoor.dc 20160130
Qihoo-360 HEUR/QVM03.0.Malware.Gen 20160130
Ad-Aware 20160129
Yandex 20160129
AhnLab-V3 20160129
Alibaba 20160129
ALYac 20160130
Antiy-AVL 20160130
Arcabit 20160129
AVG 20160130
Baidu-International 20160129
BitDefender 20160129
Bkav 20160129
ByteHero 20160130
CAT-QuickHeal 20160129
ClamAV 20160130
CMC 20160130
Comodo 20160130
Cyren 20160129
DrWeb 20160130
Emsisoft 20160130
F-Prot 20160129
F-Secure 20160129
Fortinet 20160129
GData 20160129
Ikarus 20160129
Jiangmin 20160129
K7AntiVirus 20160129
K7GW 20160129
Malwarebytes 20160129
Microsoft 20160129
eScan 20160129
NANO-Antivirus 20160130
nProtect 20160129
Panda 20160129
Rising 20160129
Sophos AV 20160129
SUPERAntiSpyware 20160130
Symantec 20160129
Tencent 20160130
TheHacker 20160130
TrendMicro 20160130
TrendMicro-HouseCall 20160130
VBA32 20160128
VIPRE 20160130
ViRobot 20160129
Zillya 20160130
Zoner 20160129
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-01-30 06:44:53
Entry Point 0x0002A34E
Number of sections 3
PE sections
Overlays
MD5 21eb7229dde310fab9cd2dbec6208123
File type ASCII text
Offset 281600
Size 7168
Entropy 0.00
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 6
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 7
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2016:01:30 07:44:53+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
164864

LinkerVersion
8.0

FileTypeExtension
exe

InitializedDataSize
116224

SubsystemVersion
4.0

EntryPoint
0x2a34e

OSVersion
4.0

ImageVersion
0.0

UninitializedDataSize
0

Execution parents
Compressed bundles
File identification
MD5 ca7ed6e2bbc30d7a591f532e08349c8c
SHA1 99f5f4689a4fb45ff88ab8379777d06f001030eb
SHA256 ae22e3bfb3e2bbbc7b758ec6bc9fa9c6d57a281ba7b4446830404a461cb620f2
ssdeep
6144:K7y49qxaG7YVaMIEl/WphcHeqJ/DAwa1V:K7y4jMYVaetwqJ/I1V

authentihash 45fd92b55bd0c311900bfc6f5940ccb06f092df86f0607ca07248a8a80d4fd1a
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 282.0 KB ( 288768 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (63.1%)
Win64 Executable (generic) (23.8%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Generic Win/DOS Executable (1.7%)
Tags
peexe assembly overlay

VirusTotal metadata
First submission 2016-01-29 20:22:39 UTC ( 3 years, 2 months ago )
Last submission 2017-08-21 06:16:49 UTC ( 1 year, 8 months ago )
File names dbust.exe
dbust.exe
dbust.exe
ca7ed6e2bbc30d7a591f532e08349c8c.exe
dbust.exe
dbust.exe
ca7ed6e2bbc30d7a591f532e08349c8c
dbust.exe
dbust.exe
HKRUN.exe
dbust.exe
ca7ed6e2bbc30d7a591f532e08349c8c
ugeneric.exe
HKRUN.exe
HKRUN.exe
(ae22e3bfb3e2bbbc7b758ec6bc9fa9c6d57a281ba7b4446830404a461cb620f2) - dbust.exe
Advanced heuristic and reputation engines
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!