SHA256: ba8f8f7b64824b25e4e3c18de63107894a5700aae625d9734136b34a81b37804
File name: vt-upload-O6dcH
Detection ratio: 39 / 50
Analysis date: 2014-02-28 21:29:28 UTC ( 3 years, 2 months ago )
Antivirus Result Update
Ad-Aware Trojan.Ranapama.A 20140228
Yandex TrojanSpy.Zbot!G+gYOQL3JXk 20140228
AhnLab-V3 Spyware/Win32.Zbot 20140228
AntiVir TR/Ranapama.A 20140228
Antiy-AVL Trojan/Win32.SGeneric 20140228
Avast Win32:Injector-BQJ [Trj] 20140228
AVG Inject2.SNE 20140228
Baidu-International Trojan.Win32.Zbot.aJm 20140228
BitDefender Trojan.Ranapama.A 20140228
Bkav HW32.CDB.5fc3 20140228
Comodo TrojWare.Win32.Carberp.AV 20140228
DrWeb Trojan.PWS.Panda.2401 20140228
Emsisoft Trojan.Ranapama.A (B) 20140228
ESET-NOD32 a variant of Win32/Injector.AXPJ 20140228
F-Secure Trojan.Ranapama.A 20140228
Fortinet W32/Injector.AXKT!tr 20140228
GData Trojan.Ranapama.A 20140228
Jiangmin TrojanSpy.Zbot.gzne 20140228
K7AntiVirus Trojan ( 004952c31 ) 20140228
K7GW Trojan ( 004952c31 ) 20140228
Kaspersky Trojan-Spy.Win32.Zbot.rmop 20140228
Kingsoft Win32.Troj.Zbot.rm.(kcloud) 20140301
Malwarebytes Trojan.Zbot 20140228
McAfee Generic-FAOP!8EA9C209B006 20140301
McAfee-GW-Edition Generic-FAOP!8EA9C209B006 20140228
Microsoft PWS:Win32/Zbot 20140301
eScan Trojan.Ranapama.A 20140301
NANO-Antivirus Trojan.Win32.Zbot.ctptgx 20140228
nProtect Trojan.Ranapama.A 20140228
Panda Generic Malware 20140228
Qihoo-360 HEUR/Malware.QVM10.Gen 20140301
Sophos Troj/Wonton-P 20140228
SUPERAntiSpyware Trojan.Agent/Gen-Injector 20140301
Symantec Backdoor.Trojan 20140228
TheHacker Trojan/Injector.axkt 20140228
TrendMicro TROJ_GEN.R021C0CBR14 20140228
TrendMicro-HouseCall TROJ_GEN.R021C0CBR14 20140228
VBA32 SScope.Worm.Ngrbot.2414 20140228
VIPRE Trojan.Win32.Generic!BT 20140228
ByteHero 20140301
CAT-QuickHeal 20140228
ClamAV 20140228
CMC 20140228
Commtouch 20140228
F-Prot 20140228
Ikarus 20140228
Norman 20140228
Rising 20140228
TotalDefense 20140228
ViRobot 20140228
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Publisher Intel Pentium 4
Product Intel corporation Pentium 4
Original name intel.exe
File version 7.0.0.3
Description Intel corporation Pentium 4
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-02-11 01:56:58
Entry Point 0x000036A1
Number of sections 3
PE sections
PE imports
CreateCompatibleDC
CreateColorSpaceW
Arc
CombineRgn
CloseFigure
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetSystemTimeAsFileTime
EnterCriticalSection
LCMapStringW
SetHandleCount
LoadLibraryW
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
HeapAlloc
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
FillConsoleOutputCharacterW
RtlUnwind
GetModuleFileNameA
GetStdHandle
IsProcessorFeaturePresent
GetCommandLineA
DeleteCriticalSection
GetCurrentProcess
GetStartupInfoW
GetConsoleMode
DecodePointer
GetCurrentProcessId
WideCharToMultiByte
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
WriteProfileSectionW
GetProcAddress
AddAtomW
EncodePointer
GetFileType
SetStdHandle
CompareStringW
GetCPInfo
GetModuleFileNameW
TlsFree
SetFilePointer
HeapSetInformation
SetUnhandledExceptionFilter
GetTempPathW
CloseHandle
GetTempFileNameA
GetComputerNameA
FindNextFileA
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
SetEnvironmentVariableA
TerminateProcess
GetTimeZoneInformation
IsValidCodePage
HeapCreate
WriteFile
CreateFileW
InterlockedDecrement
Sleep
SetLastError
TlsSetValue
GetTickCount
GetCurrentThreadId
InterlockedIncrement
ExitProcess
WriteConsoleW
LeaveCriticalSection
glMateriali
glColor4iv
glEvalCoord2fv
wglRealizeLayerPalette
glFinish
wglUseFontBitmapsA
glIndexs
glNormal3b
ExtractIconExA
DoEnvironmentSubstA
ExtractAssociatedIconW
ExtractIconExW
ShellExecuteExW
ExtractIconW
SetFocus
SetWindowWord
DefFrameProcW
UpdateWindow
CloseDesktop
DdeConnect
GetKeyboardLayoutList
GetAsyncKeyState
GetWindowInfo
PostMessageW
FrameRect
mmioSeek
joyGetDevCapsA
PlaySoundA
waveOutGetDevCapsA
mixerClose
SymGetLineNext
SymGetModuleInfoW64
SymMatchString
ImageRvaToSection
SymGetLinePrev
SymLoadModuleEx
CoGetInstanceFromFile
StringFromCLSID
GetClassFile
CoBuildVersion
OleDestroyMenuDescriptor
FindMediaType
GetClassFileOrMime
CoInternetGetProtocolFlags
HlinkGoForward
Number of PE resources by type
RT_DIALOG 43
RT_BITMAP 27
RT_HTML 1
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 72
RUSSIAN 1
SPANISH HONDURAS 1
PE resources
ExifTool file metadata
SubsystemVersion 5.0
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 7.0.0.3
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Windows, Latin1
InitializedDataSize 241664
FileOS Win32
MIMEType application/octet-stream
FileVersion 7.0.0.3
TimeStamp 2014:02:11 02:56:58+01:00
FileType Win32 EXE
PEType PE32
FileAccessDate 2014:03:01 00:18:01+01:00
ProductVersion 7.0.0.3
FileDescription Intel corporation Pentium 4
OSVersion 5.0
FileCreateDate 2014:03:01 00:18:01+01:00
OriginalFilename intel.exe
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Intel Pentium 4
CodeSize 49664
ProductName Intel corporation Pentium 4
ProductVersionNumber 7.0.0.3
EntryPoint 0x36a1
ObjectFileType Executable application
File identification
MD5 8ea9c209b0063d63db8dbdb98bd93a4f
SHA1 24702b195800e89c1e3efdaf21b60c2b632d86f1
SHA256 ba8f8f7b64824b25e4e3c18de63107894a5700aae625d9734136b34a81b37804
ssdeep 6144:DeiGTXcxIK5iZf7gxhaJAxFsDhkrvmlMIB3N:DeiGImKo9YhaJAxe/3N
imphash f130d9b64f49f8db8c467a78a0a71386
File size 286.7 KB ( 293595 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags peexe
VirusTotal metadata
First submission 2014-02-28 21:29:28 UTC ( 3 years, 2 months ago )
Last submission 2014-02-28 21:29:28 UTC ( 3 years, 2 months ago )
File names vt-upload-O6dcH
intel.exe