SHA256: ba6f1a6b98154bc1b7f0e9defef1eec43e8c162b07acfe108fc78ae10255e9a9
File name: brittle-4.exe
Detection ratio: 6 / 56
Analysis date: 2016-04-05 21:16:02 UTC ( 3 years, 1 month ago )
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.151026.9950.9966 20160405
Bkav HW32.Packed.E207 20160405
DrWeb Trojan.Inject2.19012 20160405
ESET-NOD32 a variant of Win32/Kryptik.ETIU 20160405
Qihoo-360 QVM20.1.Malware.Gen 20160405
Rising PE:Malware.XPACK-LNR/Heur!1.5594 [F] 20160405
Ad-Aware 20160405
AegisLab 20160405
AhnLab-V3 20160405
Alibaba 20160405
ALYac 20160405
Antiy-AVL 20160405
Arcabit 20160405
Avast 20160405
AVG 20160405
Avira (no cloud) 20160405
AVware 20160405
Baidu-International 20160405
BitDefender 20160405
CAT-QuickHeal 20160405
ClamAV 20160405
CMC 20160404
Comodo 20160404
Cyren 20160405
Emsisoft 20160405
F-Prot 20160405
F-Secure 20160405
Fortinet 20160404
GData 20160405
Ikarus 20160405
Jiangmin 20160405
K7AntiVirus 20160405
K7GW 20160404
Kaspersky 20160405
Kingsoft 20160405
Malwarebytes 20160405
McAfee 20160405
McAfee-GW-Edition 20160405
Microsoft 20160405
eScan 20160405
NANO-Antivirus 20160405
nProtect 20160405
Panda 20160405
Sophos AV 20160405
SUPERAntiSpyware 20160405
Symantec 20160331
Tencent 20160405
TheHacker 20160405
TrendMicro 20160405
TrendMicro-HouseCall 20160405
VBA32 20160405
VIPRE 20160405
ViRobot 20160405
Yandex 20160405
Zillya 20160405
Zoner 20160405
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-12-23 03:25:55
Entry Point 0x000025FD
Number of sections 6
PE sections
PE imports
RegOpenKeyExA
RegCloseKey
GetCurrentProcess
WideCharToMultiByte
GetCurrentProcessId
QueryPerformanceCounter
InterlockedDecrement
GetTickCount
GetSystemTimeAsFileTime
GetCommandLineA
GetCurrentThreadId
VirtualAlloc
lstrlenW
InterlockedIncrement
DragQueryFileW
ShellExecuteW
ShellExecuteA
DragQueryFileA
InternetCanonicalizeUrlW
HttpOpenRequestA
InternetUnlockRequestFile
ShowSecurityInfo
FtpRemoveDirectoryA
InternetSetStatusCallbackA
InternetErrorDlg
CreateUrlCacheGroup
InternetConfirmZoneCrossingA
GopherOpenFileA
GopherFindFirstFileW
InternetReadFileExW
InternetConfirmZoneCrossingW
InternetCombineUrlW
InternetTimeFromSystemTimeW
FindFirstUrlCacheContainerA
InternetLockRequestFile
InternetWriteFile
FtpCommandW
FtpPutFileEx
InternetCheckConnectionA
GetUrlCacheHeaderData
InternetFindNextFileA
InternetCrackUrlW
FtpOpenFileA
InternetSetDialStateW
InternetFortezzaCommand
FtpOpenFileW
InternetAlgIdToStringW
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 2.69
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 9.1.1.4
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet ASCII
InitializedDataSize 0
EntryPoint 0x25fd
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 9.1.1.4
TimeStamp 2015:12:23 04:25:55+01:00
FileType Win32 EXE
PEType PE32
FileDescription Inicio Programado
OSVersion 4.0
FileOS Win32
LegalCopyright Panda 2009
MachineType Intel 386 or later, and compatibles
CompanyName WestByte
CodeSize 24064
ProductName 60022
ProductVersionNumber 0.3.8.7
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 2b44efb71810eff1ef48300db2996c6e
SHA1 f00c0e332ff28c2e75c2217bfb4f9c18638eb68c
SHA256 ba6f1a6b98154bc1b7f0e9defef1eec43e8c162b07acfe108fc78ae10255e9a9
ssdeep 12288:Cw5iDoyCQg0/+3YkL+gT8Ekl/9oJWg1Gm+HUnyPVRD4rdh:Z5iU4F+oCl836Wg1Gm+HDzDEdh

authentihash 73543c958f171da596349fdac45d8f2a5cc0122ce5029693f6e0788ba907884f
imphash e29fe208f65efe81a3629669437b3797
File size 652.5 KB ( 668160 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.2%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe

VirusTotal metadata
First submission 2016-04-05 21:16:02 UTC ( 3 years, 1 month ago )
Last submission 2016-04-14 04:30:53 UTC ( 3 years, 1 month ago )
File names brittle-4.exe