SHA256: bbe4ef632f3a8043b8adac6bb03b8a8b4ba6842154a018075644c16265a19176
File name: 4adeff84dde436360c3e45b9806b8dc1f8155816-23a61e44dfadf5dcc931b325...
Detection ratio: 45 / 50
Analysis date: 2014-02-07 13:14:33 UTC ( 2 months, 2 weeks ago )
Antivirus Result Update
AVG Generic_r.PK 20140207
Ad-Aware Trojan.Generic.4502256 20140207
Agnitum Trojan.VBKrypt!S8SdR6w9dOI 20140207
AhnLab-V3 Win-Trojan/Vbcrypt.43008 20140207
AntiVir TR/Dropper.Gen 20140207
Avast Win32:VB-PRD [Wrm] 20140207
Baidu-International Trojan.Win32.VBKrypt.as 20140207
BitDefender Trojan.Generic.4502256 20140207
Bkav W32.Clodc14.Trojan.7d1f 20140207
CAT-QuickHeal (Suspicious) - DNAScan 20140207
ClamAV Trojan.Agent-165630 20140207
Commtouch W32/AgentP.IZU 20140207
Comodo TrojWare.Win32.VB.~kwb 20140207
DrWeb Trojan.Oficla.38 20140207
ESET-NOD32 Win32/Oficla.GN 20140207
Emsisoft Trojan.Generic.4502256 (B) 20140207
F-Prot W32/Trojan3.BWA 20140207
F-Secure Trojan.Generic.4502256 20140207
Fortinet W32/VBInjector.AGB!tr 20140207
GData Trojan.Generic.4502256 20140207
Ikarus Trojan.Win32.Jorik 20140207
K7AntiVirus Trojan ( 09e94fb40 ) 20140206
K7GW Trojan ( 001840271 ) 20140207
Kaspersky Trojan.Win32.VBKrypt.dig 20140207
Kingsoft Win32.Troj.VBKrypt.(kcloud) 20140207
Malwarebytes Worm.KoobFace 20140207
McAfee Bredolab.gen.c 20140207
McAfee-GW-Edition Bredolab.gen.c 20140207
MicroWorld-eScan Trojan.Generic.4502256 20140207
Microsoft TrojanDropper:Win32/Oficla.G 20140207
NANO-Antivirus Trojan.Win32.VBKrypt.bjskgs 20140207
Norman Suspicious_Gen2.PIJZE 20140207
Panda Trj/Sinowal.XDN 20140207
Qihoo-360 Win32/Trojan.cdb 20140207
Rising PE:Trojan.Win32.Generic.123065E5!305161701 20140207
Sophos Troj/Agent-NYX 20140207
Symantec Trojan.Usuge!gen3 20140207
TheHacker Trojan/VBKrypt.dig 20140205
TotalDefense Win32/Oficla.JP 20140207
TrendMicro TROJ_FAKEAV.SMZQ 20140207
TrendMicro-HouseCall TROJ_FAKEAV.SMZQ 20140207
VBA32 SScope.Trojan.VB.0602 20140207
VIPRE Trojan.Win32.Generic!BT 20140207
ViRobot Trojan.Win32.VBKrypt.43008 20140207
nProtect Trojan/W32.Small.43008.AO 20140207
Antiy-AVL 20140207
ByteHero 20140207
CMC 20140122
Jiangmin 20140207
SUPERAntiSpyware 20140207
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-07-16 08:53:51
Link date 9:53 AM 7/16/2010
Entry Point 0x00001144
Number of sections 3
PE sections
PE imports
EVENT_SINK_QueryInterface
Ord(518)
Ord(697)
Ord(607)
EVENT_SINK_AddRef
Ord(717)
__vbaExceptHandler
Ord(632)
MethCallEngine
DllFunctionCall
Ord(522)
Ord(520)
Ord(100)
Ord(526)
Ord(696)
ProcCallEngine
Ord(524)
EVENT_SINK_Release
Ord(617)
Ord(528)
Ord(644)
Ord(631)
Ord(619)
LoadResource
LockResource
FreeLibrary
ExitProcess
GetProcAddress
LoadLibraryA
CallWindowProcA
Number of PE resources by type
Struct(15) 11
RT_ICON 6
12 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 11
NEUTRAL 7
ARABIC NEUTRAL 1
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2010:07:16 09:53:51+01:00
FileType Win32 EXE
PEType PE32
CodeSize 14848
LinkerVersion 7.1
FileAccessDate 2014:02:07 14:16:46+01:00
EntryPoint 0x1144
InitializedDataSize 27136
SubsystemVersion 4.0
ImageVersion 2.2
OSVersion 4.0
FileCreateDate 2014:02:07 14:16:46+01:00
UninitializedDataSize 0
File identification
MD5 23a61e44dfadf5dcc931b325ff1939ec
SHA1 4adeff84dde436360c3e45b9806b8dc1f8155816
SHA256 bbe4ef632f3a8043b8adac6bb03b8a8b4ba6842154a018075644c16265a19176
ssdeep 768:gXbxeb/brqBqBuOU8rgWFTdBRQdvnKXfjwyd:E8BuOBrjFBBWfMEyd
imphash f8281bf34d5c8c2cb24da96042414545
File size 42.0 KB ( 43008 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags peexe
VirusTotal metadata
First submission 2010-07-16 11:51:45 UTC ( 3 years, 9 months ago )
Last submission 2014-02-07 13:14:33 UTC ( 2 months, 2 weeks ago )
File names 4adeff84dde436360c3e45b9806b8dc1f8155816-23a61e44dfadf5dcc931b325ff1939ec.01.exe7379.vir
Behaviour characterization