SHA256: b1e5a8978f897be41923c35ba8f1d8b5c733c0390d916599b9021183e5083a3f
File name: b1e5a8978f897be41923c35ba8f1d8b5c733c0390d916599b9021183e5083a3f
Detection ratio: 23 / 69
Analysis date: 2018-08-24 04:48:41 UTC ( 7 months, 4 weeks ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Ursu.276786 20180824
Arcabit Trojan.Ursu.D43932 20180824
AVG FileRepMalware 20180824
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180820
BitDefender Gen:Variant.Ursu.276786 20180824
Cylance Unsafe 20180824
Emsisoft Gen:Variant.Ursu.276786 (B) 20180824
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/GenKryptik.CJAO 20180824
F-Secure Gen:Variant.Ursu.276786 20180824
Fortinet W32/GenKryptik.CJAO!tr 20180824
GData Gen:Variant.Ursu.276786 20180824
Sophos ML heuristic 20180717
Kaspersky UDS:DangerousObject.Multi.Generic 20180824
McAfee RDN/Generic.grp 20180824
McAfee-GW-Edition BehavesLike.Win32.Dropper.dm 20180824
Microsoft PWS:Win32/Zbot 20180823
eScan Gen:Variant.Ursu.276786 20180824
Palo Alto Networks (Known Signatures) generic.ml 20180824
Qihoo-360 Win32/Trojan.Spy.f45 20180824
Rising Spyware.SpyEyes!8.4AA (CLOUD) 20180824
Webroot W32.Trojan.Gen 20180824
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180824
AegisLab 20180824
AhnLab-V3 20180823
Alibaba 20180713
ALYac 20180824
Antiy-AVL 20180824
Avast 20180824
Avast-Mobile 20180823
Avira (no cloud) 20180823
AVware 20180823
Babable 20180822
Bkav 20180823
CAT-QuickHeal 20180823
ClamAV 20180823
CMC 20180823
Comodo 20180824
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cyren 20180824
DrWeb 20180824
eGambit 20180824
F-Prot 20180824
Ikarus 20180823
Jiangmin 20180824
K7AntiVirus 20180823
K7GW 20180824
Kingsoft 20180824
Malwarebytes 20180824
MAX 20180824
NANO-Antivirus 20180824
Panda 20180823
SentinelOne (Static ML) 20180701
Sophos AV 20180824
SUPERAntiSpyware 20180824
Symantec 20180823
Symantec Mobile Insight 20180822
TACHYON 20180824
Tencent 20180824
TheHacker 20180824
TotalDefense 20180823
TrendMicro 20180824
TrendMicro-HouseCall 20180824
Trustlook 20180824
VBA32 20180823
VIPRE 20180824
ViRobot 20180823
Yandex 20180822
Zillya 20180822
Zoner 20180823
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 1996
Product LVTEST Application
Original name LVTEST.EXE
Internal name LVTEST
File version 1.00
Description LVTEST MFC Application
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-05-27 01:29:38
Entry Point 0x00024100
Number of sections 4
PE sections
PE imports
RegQueryValueA
RegOpenKeyExA
RegCloseKey
ImageList_Add
SetDIBits
PatBlt
OffsetRgn
CreatePen
TextOutA
CreateFontIndirectA
EndPath
CombineRgn
GetPixel
Rectangle
GetObjectA
CreateCompatibleDC
DeleteDC
GetTextExtentPointA
FillPath
BitBlt
CreateHatchBrush
GetDeviceCaps
CreateEllipticRgn
CreateBrushIndirect
CreateDIBitmap
GetStockObject
ExtTextOutA
GetDIBits
CreateRoundRectRgn
RoundRect
StretchBlt
StretchDIBits
CreateRectRgn
SelectObject
GetTextExtentPoint32A
CreateCompatibleBitmap
CreateSolidBrush
SetTextColor
SetBkMode
SetBkColor
BeginPath
DeleteObject
Ellipse
GetDriveTypeW
GetConsoleOutputCP
lstrlenA
GlobalFree
FreeLibrary
CopyFileA
GetVersionExA
VirtualProtect
GlobalUnlock
LoadLibraryA
GlobalAlloc
GetModuleFileNameA
WinExec
OpenFile
GetStartupInfoA
SetThreadPriority
lstrcatA
DeleteFileA
GetWindowsDirectoryA
GetLongPathNameA
GetProcAddress
CancelIo
GlobalAddAtomW
GetModuleHandleA
FindFirstFileA
lstrcpyA
MulDiv
GlobalLock
GetOEMCP
GlobalHandle
FindClose
GetConsoleAliasExesLengthW
Sleep
CreateFileA
GetCurrentThreadId
CloseHandle
rand
malloc
sscanf
__CxxFrameHandler
_ftol
srand
fclose
__dllonexit
fprintf
fopen
_except_handler3
?terminate@@YAXXZ
fwrite
_onexit
exit
_XcptFilter
__setusermatherr
__p__commode
sprintf
_acmdln
fread
_adjust_fdiv
free
__getmainargs
calloc
_exit
_setmbcp
strstr
fscanf
memmove
__p__fmode
time
_initterm
_controlfp
__set_app_type
Ord(251)
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
Shell_NotifyIconA
RegisterClassA
SetWindowRgn
UpdateWindow
UnregisterHotKey
SetCapture
LoadMenuA
OffsetRect
ReleaseCapture
RegisterWindowMessageA
DefWindowProcA
SetWindowTextA
LoadBitmapA
DrawTextExA
MessageBoxExA
GetSystemMetrics
IsWindow
GetWindowRect
DispatchMessageA
ScreenToClient
SetMenu
UnregisterClassA
PostMessageA
DrawIcon
LoadCursorFromFileA
WindowFromPoint
MessageBoxA
PeekMessageA
GetWindowDC
SetWindowLongA
TranslateMessage
GetDC
GetCursor
GetCursorPos
ReleaseDC
GetIconInfo
CheckMenuItem
GetMenu
GetSubMenu
ShowWindow
IsWindowVisible
SendMessageA
DestroyWindow
GetClientRect
CreateWindowExA
EnableMenuItem
ClientToScreen
SetRect
InvalidateRect
GetWindowLongA
SetTimer
LoadCursorA
LoadIconA
TrackPopupMenu
RegisterHotKey
CopyRect
GetDesktopWindow
IsRectEmpty
wsprintfA
EnableWindow
SetForegroundWindow
SetCursor
PtInRect
waveInOpen
mmioWrite
sndPlaySoundA
mmioDescend
mciGetErrorStringA
waveInStop
mixerGetLineControlsA
waveInGetErrorTextA
mixerGetLineInfoA
mixerGetNumDevs
mixerOpen
waveInPrepareHeader
waveInGetDevCapsA
waveOutGetNumDevs
mmioClose
mmioCreateChunk
waveInAddBuffer
timeGetTime
waveInClose
mmioAscend
mmioOpenA
waveInGetNumDevs
mixerGetDevCapsA
mmioRead
mixerSetControlDetails
mixerClose
waveInUnprepareHeader
mixerGetControlDetailsA
waveInStart
mciSendCommandA
waveInReset
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
Number of PE resources by type
RT_GROUP_CURSOR 7
RT_CURSOR 7
RT_ICON 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 14
ENGLISH US 4
PE resources
ExifTool file metadata
SubsystemVersion 4.0
InitializedDataSize 17920
ImageVersion 1.0
ProductName LVTEST Application
FileVersionNumber 1.0.0.1
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
ImageFileCharacteristics No relocs, Executable, No line numbers, No symbols, No debug
CharacterSet Unicode
LinkerVersion 2.56
FileTypeExtension exe
OriginalFileName LVTEST.EXE
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 1.0
TimeStamp 2018:05:27 02:29:38+01:00
FileType Win32 EXE
PEType PE32
InternalName LVTEST
ProductVersion 1.0
FileDescription LVTEST MFC Application
OSVersion 4.0
FileOS Win32
LegalCopyright Copyright 1996
MachineType Intel 386 or later, and compatibles
CodeSize 191488
FileSubtype 0
ProductVersionNumber 1.0.0.1
EntryPoint 0x24100
ObjectFileType Executable application
Execution parents
File identification
MD5 b0f57d573faa285e1290fe9a72c5bedf
SHA1 a73fc80ee32390130986f1a7fd9af286e9d40e72
SHA256 b1e5a8978f897be41923c35ba8f1d8b5c733c0390d916599b9021183e5083a3f
ssdeep 3072:fq58RsDtM5m/kSS8scZ8wCzSikFe9pH8q9pvprFLLkYyY33X1+RshRC:yiRp03PsWCuikFercqHprFLAY+O
authentihash 05d998d96398a57a50ce48bb4e34a4b8c3c28d1475f2ca24da27bb74f90963e3
imphash 2c8a9e5e200adbe3472d926240576342
File size 205.5 KB ( 210432 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386
TrID Win32 Executable MS Visual C++ (generic) (39.9%)
Win64 Executable (generic) (35.3%)
Win32 Dynamic Link Library (generic) (8.4%)
Win32 Executable (generic) (5.7%)
Win16/32 Executable Delphi generic (2.6%)
Tags peexe
VirusTotal metadata
First submission 2018-08-23 22:30:36 UTC ( 7 months, 4 weeks ago )
Last submission 2018-08-24 18:46:43 UTC ( 7 months, 4 weeks ago )
File names extensions.exe
LVTEST.EXE
codexgigas_a73fc80ee32390130986f1a7fd9af286e9d40e72
foldertree.exe
LVTEST
milk2_img.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Created mutexes
Opened mutexes
Runtime DLLs