× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b4449b9147d657a21caa9eb13f3cf6a995c91f591b77d89f3d61aef088a5b2d5
File name: codeup.exe
Detection ratio: 9 / 55
Analysis date: 2014-09-05 02:27:38 UTC ( 4 years, 6 months ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Injector 20140905
Bkav HW32.Laneul.bqyq 20140904
ESET-NOD32 a variant of Win32/Injector.BLIE 20140904
Malwarebytes Trojan.Ransom.ED 20140905
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.dc 20140904
Microsoft PWS:Win32/Zbot 20140905
Qihoo-360 Malware.QVM10.Gen 20140905
Sophos AV Mal/Wonton-J 20140905
TrendMicro-HouseCall TROJ_GEN.R0C1H08I414 20140905
Ad-Aware 20140905
AegisLab 20140905
Yandex 20140904
Antiy-AVL 20140904
Avast 20140905
AVG 20140905
Avira (no cloud) 20140905
AVware 20140905
Baidu-International 20140904
BitDefender 20140905
ByteHero 20140905
CAT-QuickHeal 20140904
ClamAV 20140904
CMC 20140904
Comodo 20140905
Cyren 20140905
DrWeb 20140905
Emsisoft 20140905
F-Prot 20140905
F-Secure 20140904
Fortinet 20140905
GData 20140905
Ikarus 20140905
Jiangmin 20140904
K7AntiVirus 20140904
K7GW 20140904
Kaspersky 20140904
Kingsoft 20140905
McAfee 20140905
eScan 20140905
NANO-Antivirus 20140905
Norman 20140904
nProtect 20140904
Panda 20140904
Rising 20140904
SUPERAntiSpyware 20140905
Symantec 20140904
Tencent 20140905
TheHacker 20140904
TotalDefense 20140904
TrendMicro 20140905
VBA32 20140903
VIPRE 20140905
ViRobot 20140904
Zillya 20140904
Zoner 20140901
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
FileVersionInfo properties
Copyright
Copyright (C) Luck 2001-2013

Publisher Dot swam atomic - www.Luck.com
Product Luck
File version 5.0.0.2
Description Prize Alice driven Jones
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-09-04 14:39:59
Entry Point 0x000072EE
Number of sections 4
PE sections
Number of PE resources by type
RT_STRING 7
RT_FONT 1
RT_DIALOG 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 9
ARABIC SYRIA 1
PE resources
File identification
MD5 95b28699ccf02bfe8291785215f5c034
SHA1 7132aded63ad88d965565a62451910273d819a16
SHA256 b4449b9147d657a21caa9eb13f3cf6a995c91f591b77d89f3d61aef088a5b2d5
ssdeep
6144:kBCsaF4ZE7b/xy0ycWCbKKeKTWUtZbbIaNrla2cJco:kBCsE80ycWQleKTWUbfNVo

imphash 6ced44e753c2cee34f70e58dc166c893
File size 262.4 KB ( 268698 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe

VirusTotal metadata
First submission 2014-09-05 02:27:38 UTC ( 4 years, 6 months ago )
Last submission 2014-09-05 02:27:38 UTC ( 4 years, 6 months ago )
File names codeup.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Runtime DLLs
UDP communications