× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: bce39df19c0c852ee2323fdc40b4cc0b6a18b87ebcf04c97389f1256e0dd4898
File name: 1287eb274d6f81b4763e872de12c973e.virus
Detection ratio: 38 / 55
Analysis date: 2016-07-18 17:42:35 UTC ( 2 years, 8 months ago )
Antivirus Result Update
Ad-Aware Trojan.Generic.17620860 20160718
AhnLab-V3 Malware/Win32.Generic.N2041036494 20160718
ALYac Trojan.Generic.17620860 20160718
Antiy-AVL Trojan[:HEUR]/Win32.AGeneric 20160718
Arcabit Trojan.Generic.D10CDF7C 20160718
Avast Win32:Trojan-gen 20160718
AVG Downloader.Generic14.BAWU 20160718
Avira (no cloud) TR/Agent.rdsu 20160718
AVware Trojan.Win32.Generic!BT 20160718
Baidu Win32.Trojan.WisdomEyes.151026.9950.9999 20160718
BitDefender Trojan.Generic.17620860 20160718
Comodo TrojWare.Win32.Kryptik.FBWM 20160718
Cyren W32/Trojan.SJNH-1328 20160718
DrWeb Trojan.Siggen6.58358 20160718
Emsisoft Trojan.Generic.17620860 (B) 20160718
ESET-NOD32 Win32/TrojanDownloader.Agent.CFH 20160718
F-Secure Trojan.Generic.17620860 20160718
Fortinet W32/Generic.AP.44240 20160718
GData Trojan.Generic.17620860 20160718
Ikarus Trojan-Downloader.Win32.Agent 20160718
Jiangmin Trojan.Generic.aduak 20160718
K7AntiVirus Trojan-Downloader ( 004e137c1 ) 20160718
K7GW Trojan-Downloader ( 004e137c1 ) 20160718
Kaspersky Trojan-Downloader.Win32.Gootkit.od 20160718
McAfee GenericRXAC-JQ!1287EB274D6F 20160718
McAfee-GW-Edition BehavesLike.Win32.Ramnit.dt 20160718
Microsoft TrojanDownloader:Win32/Talalpek!rfn 20160718
eScan Trojan.Generic.17620860 20160718
nProtect Trojan.Generic.17620860 20160718
Panda Trj/GdSda.A 20160718
Qihoo-360 HEUR/QVM20.1.0000.Malware.Gen 20160718
Sophos AV Mal/Generic-S 20160718
Symantec Trojan.Cryptolock!g23 20160718
Tencent Win32.Trojan.Fakedoc.Auto 20160718
TrendMicro TROJ_GEN.R028C0DG716 20160718
VIPRE Trojan.Win32.Generic!BT 20160718
Yandex Trojan.DL.Gootkit! 20160717
Zillya Downloader.Gootkit.Win32.80 20160718
AegisLab 20160718
Alibaba 20160718
Bkav 20160718
CAT-QuickHeal 20160718
ClamAV 20160718
CMC 20160715
F-Prot 20160718
Kingsoft 20160718
Malwarebytes 20160718
NANO-Antivirus 20160718
SUPERAntiSpyware 20160718
TheHacker 20160717
TotalDefense 20160718
TrendMicro-HouseCall 20160718
VBA32 20160718
ViRobot 20160718
Zoner 20160718
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (c) 2013 Steganos Software GmbH

Product Steganos Safe 17
Original name usbstarter.exe
Internal name usbstarter.exe
File version 17.0.2.11443
Description Steganos PortableSafe USB Starter
Comments Steganos Safe 17
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-07-04 23:12:11
Entry Point 0x00001B10
Number of sections 4
PE sections
PE imports
RegQueryValueExW
RegOpenKeyW
GetEnhMetaFileA
SetMetaRgn
PathToRegion
GetBkMode
SaveDC
GetTextCharset
GetEnhMetaFileW
GetROP2
UnrealizeObject
UpdateColors
GetObjectType
GetLayout
GetMapMode
GetPixelFormat
GetSystemPaletteUse
GetFontLanguageInfo
RealizePalette
GetDCBrushColor
GetColorSpace
GetStockObject
GetPolyFillMode
StrokePath
GetDCPenColor
GetGraphicsMode
GetTextAlign
SwapBuffers
GetTextColor
GetStretchBltMode
WidenPath
GetBkColor
GetTextCharacterExtra
GetStdHandle
GetDriveTypeW
ReleaseMutex
FileTimeToSystemTime
WaitForSingleObject
EncodePointer
GetFileAttributesW
GetLocalTime
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
EnumSystemLocalesW
GetFileInformationByHandle
lstrcatW
GetLocaleInfoW
GetCPInfo
GetTempPathW
GetSystemTimeAsFileTime
GetOEMCP
CreateEventW
LoadResource
FindClose
TlsGetValue
SetFileAttributesW
SetLastError
PeekNamedPipe
CopyFileW
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
LoadLibraryA
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
SystemTimeToTzSpecificLocalTime
SetFilePointerEx
GetFullPathNameW
CreateThread
MoveFileExW
SetUnhandledExceptionFilter
CreateMutexW
MulDiv
IsProcessorFeaturePresent
DecodePointer
TerminateProcess
GetModuleHandleExW
SetCurrentDirectoryW
GlobalAlloc
ReadConsoleW
GetCurrentThreadId
GetProcAddress
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
LoadLibraryW
GetVersionExW
SetEvent
TlsAlloc
lstrcmpiW
RtlUnwind
FreeLibrary
GlobalSize
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetUserDefaultLCID
GetProcessHeap
GetTimeFormatW
lstrcpyW
ExpandEnvironmentStringsW
FindNextFileW
ResetEvent
FindFirstFileW
IsValidLocale
lstrcmpW
FindFirstFileExW
GlobalLock
GetTimeZoneInformation
CreateFileW
GetFileType
TlsSetValue
ExitProcess
LeaveCriticalSection
GetLastError
LCMapStringW
GetSystemInfo
GlobalFree
OpenEventW
CompareStringW
GlobalUnlock
lstrlenW
FileTimeToLocalFileTime
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
WideCharToMultiByte
HeapSize
GetCommandLineA
lstrcpynW
RaiseException
TlsFree
ReadFile
CloseHandle
GetACP
GetModuleHandleW
GetLongPathNameW
IsValidCodePage
FindResourceW
Sleep
CountClipboardFormats
AnyPopup
GetDialogBaseUnits
LoadCursorFromFileA
LoadCursorW
CloseClipboard
GetClipboardSequenceNumber
Number of PE resources by type
RT_ICON 3
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 5
PE resources
ExifTool file metadata
LegalTrademarks
Steganos Safe 17 is a trademark of Steganos Software GmbH

SubsystemVersion
5.0

Comments
Steganos Safe 17

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
17.0.2.11443

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
Steganos PortableSafe USB Starter

CharacterSet
Windows, Latin1

InitializedDataSize
183808

EntryPoint
0x1b10

OriginalFileName
usbstarter.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) 2013 Steganos Software GmbH

FileVersion
17.0.2.11443

TimeStamp
2016:07:05 00:12:11+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
usbstarter.exe

ProductVersion
17.0.2.11443

UninitializedDataSize
0

OSVersion
5.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Steganos Software GmbH

CodeSize
104960

ProductName
Steganos Safe 17

ProductVersionNumber
17.0.2.11443

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 1287eb274d6f81b4763e872de12c973e
SHA1 c9f54ef9ae3a8bb0632476b3bfb6e43d200359a5
SHA256 bce39df19c0c852ee2323fdc40b4cc0b6a18b87ebcf04c97389f1256e0dd4898
ssdeep
3072:r/H46SwUNFr0nXJo/Dt+aN/ctc/U6BoHNKzXkP/dKBMZo9x:r/H3JUNFoZo/DtjN/2c/Bol1KBMa

authentihash ad135a5a7ee5d41cee95ff120c457c9ce0bab5ea7c6a37b09a4af1da39cb162a
imphash e91a5434b66db37c0376c72485d3fcf6
File size 283.0 KB ( 289792 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.4%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe

VirusTotal metadata
First submission 2016-07-18 17:42:35 UTC ( 2 years, 8 months ago )
Last submission 2016-07-18 17:42:35 UTC ( 2 years, 8 months ago )
File names usbstarter.exe
1287eb274d6f81b4763e872de12c973e.virus
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!