SHA256: b82faf5346cd2cea93d68292296c5e05dd2b5c38617e7ad6b8af740fafa0edac
Detection ratio: 15 / 56
Analysis date: 2015-08-24 02:54:32 UTC ( 1 year, 11 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Graftor.181772 20150824
Antiy-AVL Trojan/Win32.SGeneric 20150824
Arcabit Trojan.Graftor.D2C60C 20150824
AVware Trojan.Win32.Generic!BT 20150824
Baidu-International Trojan.Win32.VB.OGK 20150823
BitDefender Gen:Variant.Graftor.181772 20150824
Emsisoft Gen:Variant.Graftor.181772 (B) 20150824
ESET-NOD32 a variant of Win32/TrojanClicker.VB.OGK 20150823
F-Secure Gen:Variant.Graftor.181772 20150824
GData Gen:Variant.Graftor.181772 20150824
Kaspersky Trojan.Win32.HalfyVB.ac 20150824
Microsoft TrojanClicker:Win32/Zimaja.A 20150824
eScan Gen:Variant.Graftor.181772 20150824
Sophos AV Mal/Generic-S 20150824
VIPRE Trojan.Win32.Generic!BT 20150824
AegisLab 20150823
Yandex 20150822
AhnLab-V3 20150823
Alibaba 20150824
ALYac 20150823
Avast 20150824
AVG 20150824
Avira (no cloud) 20150823
Bkav 20150822
ByteHero 20150824
CAT-QuickHeal 20150822
ClamAV 20150824
CMC 20150824
Comodo 20150824
Cyren 20150824
DrWeb 20150824
F-Prot 20150823
Fortinet 20150824
Ikarus 20150824
Jiangmin 20150823
K7AntiVirus 20150823
K7GW 20150823
Malwarebytes 20150823
McAfee 20150824
McAfee-GW-Edition 20150823
NANO-Antivirus 20150824
nProtect 20150822
Panda 20150823
Qihoo-360 20150824
Rising 20150823
SUPERAntiSpyware 20150822
Symantec 20150823
Tencent 20150824
TheHacker 20150820
TotalDefense 20150824
TrendMicro 20150824
TrendMicro-HouseCall 20150824
VBA32 20150822
ViRobot 20150824
Zillya 20150823
Zoner 20150824
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright 2014
Publisher AKAgame
File version 2.0
Description AKAGame Installation
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2001-10-25 19:47:11
Entry Point 0x000021AF
Number of sections 4
PE sections
Overlays
MD5 06042658a767983a602675e6e61e89ef
File type data
Offset 14848
Size 606361
Entropy 8.00
PE imports
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
GetDeviceCaps
SelectPalette
SelectObject
PatBlt
CreateFontA
CreatePalette
GetStockObject
TextOutA
CreateSolidBrush
SetBkMode
DeleteObject
RealizePalette
SetTextColor
StretchDIBits
GetLastError
lstrlenA
GlobalFree
FreeLibrary
ExitProcess
GetVersionExA
GlobalUnlock
GetModuleFileNameA
LoadLibraryA
WinExec
OpenFile
GetCurrentProcess
_lwrite
lstrcatA
GetWindowsDirectoryA
SetErrorMode
_llseek
GetCommandLineA
GetProcAddress
_lread
GetTempPathA
_lcreat
_lclose
GetModuleHandleA
lstrcpyA
_lopen
MulDiv
GetTempFileNameA
GlobalLock
LocalFree
GlobalAlloc
FormatMessageA
DrawTextA
CreateWindowExA
RegisterClassA
LoadIconA
LoadCursorA
ReleaseDC
EndPaint
BeginPaint
MessageBoxA
ExitWindowsEx
SendMessageA
GetClientRect
SetTimer
SetWindowPos
PostQuitMessage
DefWindowProcA
ShowWindow
UpdateWindow
wsprintfA
GetDC
InvalidateRect
PE exports
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 3
PE resources
ExifTool file metadata
UninitializedDataSize
0

GameInstallation
XXXXXXXXXXXXXXXXXXXXX

ImageVersion
4.0

FileVersionNumber
2.0.0.0

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
,FileDescription

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Windows, Latin1

LinkerVersion
6.0

FileTypeExtension
exe

MIMEType
application/octet-stream

Tag4
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

FileVersion
2.0

XXXXXXXX
|,LegalCopyright

TimeStamp
2001:10:25 20:47:11+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Windows 16-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
AKAgame

CodeSize
8704

FileSubtype
0

ProductVersionNumber
2.0.0.0

InitializedDataSize
5632

EntryPoint
0x21af

ObjectFileType
Executable application

File identification
MD5 c0a8f39d69e1da7ba13e5a74e3a39ab2
SHA1 3966ab8741f06c772425dafba2372bf4e2f80144
SHA256 b82faf5346cd2cea93d68292296c5e05dd2b5c38617e7ad6b8af740fafa0edac
ssdeep 12288:VlmhLR6QXTFRFtCTH1SLmbxkuK78UuQbjOl+xm9ui/TXLT:Vk77FU1SLohKwOK13T
authentihash 4a40519d03cae555b46e5c9521b490109577649de3fa9825a86f74a12f62dc96
imphash e41c25ab7824b3df73334188c40518ae
File size 606.6 KB ( 621209 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Wise Installer executable (98.1%)
Win32 Dynamic Link Library (generic) (0.8%)
Win32 Executable (generic) (0.5%)
Generic Win/DOS Executable (0.2%)
DOS Executable Generic (0.2%)
Tags peexe overlay
VirusTotal metadata
First submission 2015-08-24 02:54:32 UTC ( 1 year, 11 months ago )
Last submission 2015-08-24 02:54:32 UTC ( 1 year, 11 months ago )
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
HTTP requests
DNS requests
TCP connections
UDP communications