× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: bb2190947ac893f501be0d98d6d68b200b9f1e64b7ecf01e2e93da5615948295
File name: oset.jpg
Detection ratio: 5 / 70
Analysis date: 2018-12-16 21:15:33 UTC ( 5 months, 1 week ago ) View latest
Antivirus Result Update
Cylance Unsafe 20181216
Endgame malicious (high confidence) 20181108
Fortinet W32/GenKryptik.CNMT!tr.ransom 20181216
Sophos ML heuristic 20181128
Trapmine suspicious.low.ml.score 20181205
Ad-Aware 20181216
AegisLab 20181214
AhnLab-V3 20181216
Alibaba 20180921
ALYac 20181216
Antiy-AVL 20181216
Arcabit 20181216
Avast 20181216
Avast-Mobile 20181216
AVG 20181216
Avira (no cloud) 20181216
Babable 20180918
Baidu 20181207
BitDefender 20181216
Bkav 20181214
CAT-QuickHeal 20181216
ClamAV 20181216
CMC 20181216
Comodo 20181216
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cyren 20181216
DrWeb 20181216
eGambit 20181216
Emsisoft 20181216
ESET-NOD32 20181216
F-Prot 20181216
F-Secure 20181216
GData 20181216
Ikarus 20181216
Jiangmin 20181216
K7AntiVirus 20181216
K7GW 20181216
Kaspersky 20181216
Kingsoft 20181216
Malwarebytes 20181216
MAX 20181216
McAfee 20181216
McAfee-GW-Edition 20181216
Microsoft 20181216
eScan 20181216
NANO-Antivirus 20181216
Palo Alto Networks (Known Signatures) 20181216
Panda 20181216
Qihoo-360 20181216
Rising 20181216
SentinelOne (Static ML) 20181011
Sophos AV 20181216
SUPERAntiSpyware 20181212
Symantec 20181215
Symantec Mobile Insight 20181215
TACHYON 20181214
Tencent 20181216
TheHacker 20181216
TotalDefense 20181216
TrendMicro 20181216
TrendMicro-HouseCall 20181216
Trustlook 20181216
VBA32 20181214
VIPRE 20181216
ViRobot 20181216
Webroot 20181216
Yandex 20181214
Zillya 20181215
ZoneAlarm by Check Point 20181216
Zoner 20181216
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
ASUSTek Computer Inc.

Product ATKOSD2
Original name ATKOSD2.exe
Internal name ATKOSD2.exe
File version 7, 0, 35, 1
Description ATKOSD2
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-12-06 11:30:10
Entry Point 0x0000AEF2
Number of sections 5
PE sections
PE imports
RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
GetWindowExtEx
SetMapMode
PatBlt
SaveDC
TextOutA
LPtoDP
GetClipBox
GetDeviceCaps
OffsetViewportOrgEx
DeleteDC
RestoreDC
SetBkMode
SelectObject
IntersectClipRect
BitBlt
SetTextColor
DPtoLP
GetObjectA
CreateBitmap
RectVisible
GetStockObject
CreateDIBitmap
SetViewportOrgEx
ScaleWindowExtEx
SetBkColor
ExtTextOutA
PtVisible
GetTextExtentPointA
CreateCompatibleDC
ScaleViewportExtEx
DeleteObject
GetMapMode
SetWindowExtEx
GetTextColor
CreateSolidBrush
SetViewportExtEx
Escape
GetViewportExtEx
GetBkColor
GetStdHandle
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
HeapDestroy
IsBadCodePtr
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
LocalAlloc
lstrcatA
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetFileTime
GetCPInfo
GetStringTypeA
WriteFile
HeapReAlloc
GetStringTypeW
GetFullPathNameA
GetOEMCP
LocalFree
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
TlsGetValue
FormatMessageA
SetLastError
GlobalFindAtomA
HeapAlloc
GetModuleFileNameA
GetVolumeInformationA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetModuleHandleA
CreateThread
GlobalAddAtomA
SetUnhandledExceptionFilter
MulDiv
SetEnvironmentVariableA
TerminateProcess
GlobalAlloc
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
HeapFree
EnterCriticalSection
SetHandleCount
TerminateThread
lstrcmpiA
SetEvent
GetTickCount
IsBadWritePtr
TlsAlloc
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
FreeLibrary
GetStartupInfoA
UnlockFile
GetFileSize
GlobalDeleteAtom
GlobalLock
CompareStringW
GlobalReAlloc
lstrcmpA
FindFirstFileA
lstrcpyA
GetProfileStringA
CompareStringA
DuplicateHandle
GetProcAddress
GetTimeZoneInformation
GetFileType
TlsSetValue
CreateFileA
ExitProcess
LeaveCriticalSection
GetLastError
LocalReAlloc
LCMapStringW
lstrlenA
GlobalFree
LCMapStringA
GlobalGetAtomNameA
GetThreadLocale
GetEnvironmentStringsW
GlobalUnlock
LockFile
FileTimeToLocalFileTime
GetEnvironmentStrings
WritePrivateProfileStringA
LockResource
WideCharToMultiByte
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
lstrcpynA
GetACP
GetVersion
SizeofResource
HeapCreate
VirtualFree
Sleep
IsBadReadPtr
GetProcessVersion
FindResourceA
VirtualAlloc
ResetEvent
VariantChangeType
VariantTimeToSystemTime
SysStringLen
SysAllocStringLen
VariantClear
SysAllocString
VariantCopy
SysFreeString
SysAllocStringByteLen
Ord(253)
SetFocus
RegisterClipboardFormatA
GetMessagePos
SetMenuItemBitmaps
DestroyMenu
PostQuitMessage
GetForegroundWindow
LoadBitmapA
SetWindowPos
IsWindow
DispatchMessageA
ClientToScreen
GrayStringA
GetMessageTime
SetActiveWindow
GetDC
GetCursorPos
MapDialogRect
GetDlgCtrlID
GetClassInfoA
GetMenu
UnregisterClassA
SendMessageA
GetClientRect
GetNextDlgTabItem
CallNextHookEx
GetWindowTextLengthA
CopyAcceleratorTableA
GetTopWindow
ExcludeUpdateRgn
GetActiveWindow
GetWindowTextA
EnumWindowStationsW
DestroyWindow
GetMessageA
GetParent
UpdateWindow
SetPropA
ShowWindow
GetPropA
GetNextDlgGroupItem
GetDesktopWindow
EnableWindow
GetDlgItemTextA
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
CharUpperA
LoadStringA
GetWindowPlacement
EnableMenuItem
RegisterClassA
TabbedTextOutA
GetSubMenu
CreateWindowExA
CopyRect
GetSysColorBrush
IsWindowUnicode
ReleaseDC
EndPaint
PtInRect
IsChild
IsDialogMessageA
MapWindowPoints
BeginPaint
OffsetRect
CharNextA
RegisterWindowMessageA
DefWindowProcA
DrawFocusRect
SendDlgItemMessageA
GetSystemMetrics
IsIconic
GetWindowRect
InflateRect
PostMessageA
DrawIcon
SetWindowLongA
RemovePropA
SetWindowTextA
CheckMenuItem
GetWindowLongA
GetLastActivePopup
GetDlgItem
GetMenuCheckMarkDimensions
ScreenToClient
GetClassLongA
CreateDialogIndirectParamA
LoadCursorA
LoadIconA
SetWindowsHookExA
GetMenuItemCount
GetMenuState
GetSystemMenu
GetMenuItemID
SetForegroundWindow
PostThreadMessageA
DrawTextA
IntersectRect
EndDialog
HideCaret
SetWindowContextHelpId
GetCapture
MessageBeep
ShowCaret
AppendMenuA
UnhookWindowsHookEx
SetDlgItemTextA
MoveWindow
MessageBoxA
GetWindowDC
AdjustWindowRectEx
GetSysColor
GetKeyState
SystemParametersInfoA
IsWindowVisible
WinHelpA
SetRect
InvalidateRect
wsprintfA
DefDlgProcA
ValidateRect
CallWindowProcA
GetClassNameA
GetFocus
ModifyMenuA
SetCursor
OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetFileTitleA
SnmpMgrClose
SnmpMgrOpen
SnmpMgrTrapListen
SnmpMgrRequest
SnmpMgrOidToStr
SnmpMgrGetTrap
SnmpMgrStrToOid
OleUninitialize
CLSIDFromString
OleInitialize
StgCreateDocfileOnILockBytes
OleFlushClipboard
CoGetClassObject
CLSIDFromProgID
CoRevokeClassObject
CoFreeUnusedLibraries
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
CoTaskMemFree
CreateILockBytesOnHGlobal
CoTaskMemAlloc
SnmpUtilOidFree
SnmpUtilMemAlloc
SnmpUtilMemReAlloc
SnmpUtilMemFree
SnmpUtilVarBindListFree
SnmpUtilVarBindFree
SnmpUtilOidNCmp
SnmpUtilOidCpy
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 2
CHINESE TRADITIONAL 1
PE resources
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
114688

ImageVersion
0.0

ProductName
ATKOSD2

FileVersionNumber
7.0.35.1

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Windows, Latin1

LinkerVersion
6.0

FileTypeExtension
exe

OriginalFileName
ATKOSD2.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
7, 0, 35, 1

TimeStamp
2016:12:06 03:30:10-08:00

FileType
Win32 EXE

PEType
PE32

InternalName
ATKOSD2.exe

ProductVersion
7, 0, 35, 0

FileDescription
ATKOSD2

OSVersion
4.0

FileOS
Win32

LegalCopyright
ASUSTek Computer Inc.

MachineType
Intel 386 or later, and compatibles

CompanyName
ASUSTek Computer Inc.

CodeSize
139264

FileSubtype
0

ProductVersionNumber
7.0.35.0

EntryPoint
0xaef2

ObjectFileType
Executable application

File identification
MD5 dc9d51f87a16932c0c4f195a12675085
SHA1 59a1cb82a75cc193c736b28c1e035b6d744685e1
SHA256 bb2190947ac893f501be0d98d6d68b200b9f1e64b7ecf01e2e93da5615948295
ssdeep
3072:HV8Lsp0FEnMjx1tMeWmrObU9EFifXW4s4S4IJi6ow7UbyNdifi85Y6b:mLmS8Mjx1LWmabWhlSiN+difD5D

authentihash 297b8c30c284be2ad04622c8b65df0e7942b51b256d667a678eb6ea3e46576a1
imphash 78bea0cb69e7b6b5028e66c9f180453a
File size 252.0 KB ( 258048 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (35.0%)
Win64 Executable (generic) (31.0%)
Windows screen saver (14.7%)
Win32 Dynamic Link Library (generic) (7.3%)
Win32 Executable (generic) (5.0%)
Tags
peexe

VirusTotal metadata
First submission 2018-12-16 21:15:33 UTC ( 5 months, 1 week ago )
Last submission 2018-12-21 15:41:33 UTC ( 5 months ago )
File names dc9d51f87a16932c0c4f195a12675085
ATKOSD2.exe
4562w.jpg
oset.jpg
dc9d51f87a16932c0c4f195a12675085
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Code injections in the following processes
Opened mutexes
Runtime DLLs