× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: bce0e242841008bc9e7457b39b68c8bc0835283dc1e85f4031f3f5e4d943a568
File name: rapport.pdf.exe
Detection ratio: 1 / 43
Analysis date: 2012-03-20 09:57:32 UTC ( 7 years ago ) View latest
Antivirus Result Update
SUPERAntiSpyware Trojan.Agent/Gen-FakeAlert 20120317
AhnLab-V3 20120319
AntiVir 20120320
Antiy-AVL 20120320
Avast 20120317
AVG 20120319
BitDefender 20120320
ByteHero 20120319
CAT-QuickHeal 20120320
ClamAV 20120320
Commtouch 20120320
Comodo 20120320
DrWeb 20120320
Emsisoft 20120320
eSafe 20120320
eTrust-Vet 20120319
F-Prot 20120320
F-Secure 20120320
Fortinet 20120320
GData 20120320
Ikarus 20120320
Jiangmin 20120319
K7AntiVirus 20120319
Kaspersky 20120320
McAfee 20120320
McAfee-GW-Edition 20120319
Microsoft 20120320
NOD32 20120320
Norman 20120319
nProtect 20120320
Panda 20120319
PCTools 20120319
Prevx 20120320
Rising 20120319
Sophos AV 20120320
Symantec 20120320
TheHacker 20120319
TrendMicro 20120319
TrendMicro-HouseCall 20120320
VBA32 20120319
VIPRE 20120320
ViRobot 20120320
VirusBuster 20120320
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x0002C72C
Number of sections 6
PE sections
Overlays
MD5 1d01153a4bcae7a17ca5348f70492063
File type data
Offset 197632
Size 512
Entropy 7.61
PE imports
RevertToSelf
EnumResourceLanguagesW
SetFilePointer
CreateJobObjectA
GetFirmwareEnvironmentVariableW
EraseTape
WaitForDebugEvent
LZCopy
SetSystemPowerState
FillConsoleOutputAttribute
GetComputerNameW
CreateSocketHandle
CommConfigDialogA
GetFileAttributesW
WaitForMultipleObjects
SetHandleInformation
LoadLibraryA
CancelIo
RegisterWowBaseHandlers
CoFreeAllLibraries
GetDocumentBitStg
PropSysFreeString
CLSIDFromProgID
DllGetClassObject
GetParent
CreateIconIndirect
DestroyMenu
DrawStateW
ValidateRgn
DefFrameProcW
DestroyCursor
LoadKeyboardLayoutA
MessageBoxIndirectW
GetSysColor
GetMenuItemID
MapDialogRect
GetDlgCtrlID
PrintWindow
DefFrameProcA
CloseWindow
GetLastInputInfo
GetThreadDesktop
FindWindowExA
AttachThreadInput
GetSysColorBrush
SendMessageTimeoutW
gethostname
WSAUnhookBlockingHook
WSAIsBlocking
WSAInstallServiceClassW
WSANSPIoctl
recv
WTSOpenServerA
WTSQueryUserConfigA
Number of PE resources by type
RT_DIALOG 4
Number of PE resources by language
ENGLISH US 4
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
1992:06:19 15:22:17-07:00

FileType
Win32 EXE

PEType
PE32

CodeSize
178688

LinkerVersion
8.0

ImageFileCharacteristics
Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi

EntryPoint
0x2c72c

InitializedDataSize
17920

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 cff63a36b4d1b80d8daa31b371e04787
SHA1 e52ad7ee3b1ae098c973fb430807625072495405
SHA256 bce0e242841008bc9e7457b39b68c8bc0835283dc1e85f4031f3f5e4d943a568
ssdeep
3072:/cUbSt0LoVSbjQUbeNLsgBwsxMYrhW9VasFRSx5rSCVpMyVVY6xfXt27DOxvq:eVMjQlNRBMwhWqsXSNVPC6xfX47DOJq

authentihash de9c51bafecb692a1e41f76678c7c2ee4ba2e1ae22e3b7b56061cd2d169827b3
imphash 41230ad29068f2339715a3e1c4b0bdaa
File size 193.5 KB ( 198144 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe overlay

VirusTotal metadata
First submission 2012-03-20 09:57:32 UTC ( 7 years ago )
Last submission 2019-02-02 22:31:31 UTC ( 1 month, 3 weeks ago )
File names PUlS4LJSrx.pdf
malware
rapport.pdf.exe
output.1340697.txt
bce0e242841008bc9e7457b39b68c8bc0835283dc1e85f4031f3f5e4d943a568.log
1340697
smona_bce0e242841008bc9e7457b39b68c8bc0835283dc1e85f4031f3f5e4d943a568.bin
bce0e242841008bc9e7457b39b68c8bc0835283dc1e85f4031f3f5e4d943a568.bin
1332239826.rapport.pdf.exe
rapport.pdf.exe.mal
file-3691637_exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!