× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b4e16da5babbdf25867778459cd6c278a57dd3e5235f74a1fefe416b9a162176
File name: zbetcheckin_tracker_b1.exe
Detection ratio: 9 / 68
Analysis date: 2018-09-17 22:07:20 UTC ( 8 months ago ) View latest
Antivirus Result Update
Bkav W32.HfsAutoB. 20180917
CrowdStrike Falcon (ML) malicious_confidence_60% (D) 20180723
Cylance Unsafe 20180917
Endgame malicious (high confidence) 20180730
Sophos ML heuristic 20180717
Microsoft Trojan:Win32/Fuerboos.C!cl 20180917
Rising Malware.Heuristic!ET#99% (RDM+:cmRtazo+RvZhOkKwBQJh2nN4lsjE) 20180917
SentinelOne (Static ML) static engine - malicious 20180830
Symantec ML.Attribute.HighConfidence 20180917
Ad-Aware 20180917
AegisLab 20180917
AhnLab-V3 20180917
Alibaba 20180713
ALYac 20180917
Antiy-AVL 20180917
Arcabit 20180917
Avast 20180917
Avast-Mobile 20180917
AVG 20180917
Avira (no cloud) 20180917
AVware 20180917
Babable 20180907
Baidu 20180914
BitDefender 20180917
CAT-QuickHeal 20180917
ClamAV 20180917
CMC 20180917
Comodo 20180917
Cybereason 20180225
Cyren 20180917
DrWeb 20180917
eGambit 20180917
Emsisoft 20180917
ESET-NOD32 20180917
F-Prot 20180917
F-Secure 20180917
Fortinet 20180917
GData 20180917
Ikarus 20180917
Jiangmin 20180917
K7AntiVirus 20180917
K7GW 20180917
Kaspersky 20180917
Kingsoft 20180917
Malwarebytes 20180917
MAX 20180917
McAfee 20180917
McAfee-GW-Edition 20180917
eScan 20180917
NANO-Antivirus 20180917
Palo Alto Networks (Known Signatures) 20180917
Panda 20180917
Qihoo-360 20180917
Sophos AV 20180917
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20180911
TACHYON 20180917
Tencent 20180917
TheHacker 20180914
TotalDefense 20180915
TrendMicro 20180917
TrendMicro-HouseCall 20180917
Trustlook 20180917
VBA32 20180917
VIPRE 20180917
ViRobot 20180917
Webroot 20180917
Yandex 20180917
Zillya 20180917
ZoneAlarm by Check Point 20180917
Zoner 20180916
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Gladis NDOUAB'S

Product LockDisk
File version 1.1.4.9
Description Interdire (Bloquer) un CD/DVD sur votre ordinateur
Comments gndouabs@hotmail.de
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x004B1000
Number of sections 6
PE sections
PE imports
InitCommonControls
Number of PE resources by type
RT_RCDATA 24
RT_STRING 16
RT_BITMAP 12
RT_GROUP_CURSOR 7
RT_CURSOR 7
RT_ICON 2
RT_GROUP_ICON 2
RT_DIALOG 1
IMAGE 1
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 45
RUSSIAN 24
FRENCH 3
GERMAN 1
ARABIC EGYPT 1
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
gndouabs@hotmail.de

LinkerVersion
2.25

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.1.4.9

LanguageCode
French

FileFlagsMask
0x003f

FileDescription
Interdire (Bloquer) un CD/DVD sur votre ordinateur

ImageFileCharacteristics
Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi

CharacterSet
Windows, Latin1

InitializedDataSize
394752

EntryPoint
0x4b1000

MIMEType
application/octet-stream

LegalCopyright
Gladis NDOUAB'S

FileVersion
1.1.4.9

TimeStamp
1992:06:20 00:22:17+02:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
1.0.0.0

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
NDSoft Corp

CodeSize
393216

ProductName
LockDisk

ProductVersionNumber
1.1.4.9

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 5efe49e536436874be28e63300ab2a45
SHA1 056c5038414600cfad00d8b1fb585145ed948e1c
SHA256 b4e16da5babbdf25867778459cd6c278a57dd3e5235f74a1fefe416b9a162176
ssdeep
24576:p6k2kBtr5+2hr2iglyQwDHq1irMefkJKCkYLYO97lxmCjKy0tzXiZ7O5X:ck2kBOGyr4Vq627TmCjKycKUX

authentihash fb958609c5427bb87e57990b8434d0cfe76d9a70c6606207bf4b88ff6a81dfcd
imphash baa93d47220682c04d92f7797d9224ce
File size 1.9 MB ( 1968128 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (35.7%)
Win16/32 Executable Delphi generic (16.4%)
OS/2 Executable (generic) (16.0%)
Generic Win/DOS Executable (15.8%)
DOS Executable Generic (15.8%)
Tags
peexe

VirusTotal metadata
First submission 2018-09-17 22:07:20 UTC ( 8 months ago )
Last submission 2018-09-18 04:13:59 UTC ( 8 months ago )
File names zbetcheckin_tracker_b1.exe
b1.exe
output.114051816.txt
b1.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Runtime DLLs