SHA256: b27aadd3ddca1af7db6f441c6401cf74b1561bc828e19f9104769ef2d158778e
File name: b27aadd3ddca1af7db6f441c6401cf74b1561bc828e19f9104769ef2d158778e
Detection ratio: 37 / 45
Analysis date: 2012-12-12 19:38:49 UTC ( 6 years, 3 months ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.PornoAsset 20121212
AntiVir TR/Crypt.XPACK.Gen 20121212
Avast Win32:Kryptik-JUZ [Trj] 20121212
AVG PSW.Generic10.SCE 20121212
BitDefender Gen:Heur.PIF.4 20121212
ClamAV Win.Trojan.Agent-24042 20121212
Commtouch W32/Falab.F.gen!Eldorado 20121212
Comodo TrojWare.Win32.Kryptik.ALBY 20121212
DrWeb Trojan.FakeAV.13019 20121212
Emsisoft Trojan.Win32.AMN (A) 20121212
ESET-NOD32 a variant of Win32/Kryptik.ALBY 20121212
F-Prot W32/Falab.F.gen!Eldorado 20121212
F-Secure Gen:Heur.PIF.4 20121212
Fortinet W32/Yakes.AP!tr 20121212
GData Gen:Heur.PIF.4 20121212
Ikarus Trojan-Ransom.Win32.PornoAsset 20121212
Jiangmin Trojan/Generic.auwyg 20121212
K7AntiVirus Riskware 20121212
Kaspersky HEUR:Trojan.Win32.Generic 20121212
Kingsoft Win32.Troj.Undef.(kcloud) 20121210
Malwarebytes Trojan.Agent 20121212
McAfee PWS-Zbot.gen.als 20121212
McAfee-GW-Edition PWS-Zbot.gen.als 20121212
Microsoft VirTool:Win32/Obfuscator.PN 20121212
eScan Gen:Heur.PIF.4 20121212
NANO-Antivirus Trojan.Win32.XPACK.xpssz 20121212
Norman W32/Kryptik.BVB 20121212
Panda Trj/Genetic.gen 20121212
Sophos AV Mal/ZboCheMan-A 20121212
SUPERAntiSpyware Trojan.Agent/Gen-Kryptik 20121212
Symantec Infostealer.Dexter 20121212
TheHacker Trojan/Kryptik.alby 20121211
TotalDefense Win32/Zbot.AM!generic 20121212
TrendMicro TROJ_GEN.R47CFIH 20121212
TrendMicro-HouseCall TROJ_GEN.R47CFIH 20121212
VBA32 BScope.Trojan-Ransom.Winlock.1795 20121212
VIPRE Trojan.Win32.Generic!BT 20121212
Yandex 20121212
Antiy-AVL 20121212
ByteHero 20121212
CAT-QuickHeal 20121212
eSafe 20121212
nProtect 20121212
Rising 20121212
ViRobot 20121212
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-03-25 18:26:37
Entry Point 0x000042A9
Number of sections 6
PE sections
PE imports
GetProcessHeap
StrToIntExA
GetMessageTime
GetQueueStatus
IsCharAlphaW
GetDoubleClickTime
PE exports
Number of PE resources by type
RT_DIALOG 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2011:03:25 19:26:37+01:00
FileType Win32 EXE
PEType PE32
CodeSize 39424
LinkerVersion 10.0
ImageFileCharacteristics Executable, 32-bit
EntryPoint 0x42a9
InitializedDataSize 11776
SubsystemVersion 5.1
ImageVersion 0.0
OSVersion 5.1
UninitializedDataSize 0
Compressed bundles
File identification
MD5 f84599376e35dbe1b33945b64e1ec6ab
SHA1 1b3dcfeda9d01dc428d954812c81f7bda1af5373
SHA256 b27aadd3ddca1af7db6f441c6401cf74b1561bc828e19f9104769ef2d158778e
ssdeep 768:p2ecQUbXvBPIUM46SsBhMQmPSXqxRwk9HCEAuAC2PB4n9cHfdVqCS0p+unGdGcy+:plGX9I+EhiLHn9OuAC2puafd8K4agSz
authentihash 72fe5907d99b5dd672b6e1241a43ffb3c66df1b5cf07807ef73edc6de47fa72f
imphash 60f51ee5e531acca783a0133482583a4
File size 51.0 KB ( 52224 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2012-09-17 14:18:33 UTC ( 6 years, 6 months ago )
Last submission 2018-11-10 05:23:49 UTC ( 4 months, 1 week ago )
File names b27aadd3ddca1af7db6f441c6401cf74b1561bc828e19f9104769ef2d158778e.exe
dexter_b27aadd3ddca1af7db6f441c6401cf74b1561bc828e19f9104769ef2d158778e
file-4879024_exe
b27aadd3ddca1af7db6f441c6401cf74b1561bc828e19f9104769ef2d158778e
f84599376e35dbe1b33945b64e1ec6ab
778e-c6ab.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight